summaryrefslogtreecommitdiff
path: root/inventory
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2021-07-18 23:30:36 +0200
committerChristian Pointner <equinox@spreadspace.org>2021-07-18 23:30:36 +0200
commitbd79a4c885e19e31eac29abc3cabec47326aa6e4 (patch)
tree20e580e58f9b23aff3d26b3c3699c62be2f40440 /inventory
parentelevate: update ip assignments (diff)
reconfigure ele-router (WIP)
Diffstat (limited to 'inventory')
-rw-r--r--inventory/host_vars/ele-router.yml98
1 files changed, 7 insertions, 91 deletions
diff --git a/inventory/host_vars/ele-router.yml b/inventory/host_vars/ele-router.yml
index 520bd751..1f795cd9 100644
--- a/inventory/host_vars/ele-router.yml
+++ b/inventory/host_vars/ele-router.yml
@@ -39,49 +39,9 @@ network_internal_zone_names: "{{ network_internal_zone_names__wan + network_inte
openwrt_network_external:
- - name: switch_vlan
- options:
- device: 'switch0'
- ## for some reason vlan-id 502 does not work. why??
- #vlan: '{{ network_zones.forum_a1.vlan }}'
- vlan: '1'
- ports: '4 6t'
-
- - name: interface 'wanforum'
- options:
- ## for some reason vlan-id 502 does not work. why??
- #ifname: 'eth0.{{ network_zones.forum_a1.vlan }}'
- ifname: 'eth0.1'
- proto: dhcp
- defaultroute: '0' ## see static route 'forumdefault' below
- accept_ra: 0
-
- - name: rule
- options:
- priority: 40000
- lookup: 101
-
- - name: route 'forumdefault'
- options:
- interface: 'wanforum'
- table: 101
- target: '0.0.0.0/0'
- gateway: 192.168.0.254 ## A1 router @ForumStadtpark uses this address
-
-
- - name: switch_vlan
- options:
- device: 'switch0'
- ## for some reason vlan-id 502 does not work. why??
- #vlan: '{{ network_zones.funkfeuer.vlan }}'
- vlan: '2'
- ports: '3 6t'
-
- name: interface 'wanff'
options:
- ## for some reason vlan-id 502 does not work. why??
- #ifname: 'eth0.{{ network_zones.funkfeuer.vlan }}'
- ifname: 'eth0.2'
+ ifname: 'eth5'
proto: static
ipaddr: "{{ network_zones.funkfeuer.prefix | ipaddr(network_zones.funkfeuer.offsets[inventory_hostname]) | ipaddr('address') }}"
netmask: "{{ network_zones.funkfeuer.prefix | ipaddr('netmask') }}"
@@ -107,19 +67,9 @@ openwrt_network_external:
gateway: "{{ network_zones.funkfeuer.gateway }}"
- - name: switch_vlan
- options:
- device: 'switch0'
- ## for some reason vlan-id 512 does not work. why??
- #vlan: '{{ network_zones.datacop_lte.vlan }}'
- vlan: '3'
- ports: '2 6t'
-
- name: interface 'wanlte'
options:
- ## for some reason vlan-id 512 does not work. why??
- #ifname: 'eth0.{{ network_zones.datacop_lte.vlan }}'
- ifname: 'eth0.3'
+ ifname: 'eth4'
proto: static
ipaddr: "{{ network_zones.datacop_lte.prefix | ipaddr(network_zones.datacop_lte.offsets[inventory_hostname]) | ipaddr('address') }}"
netmask: "{{ network_zones.datacop_lte.prefix | ipaddr('netmask') }}"
@@ -149,12 +99,6 @@ openwrt_network_external:
openwrt_network_internal: "{{ openwrt_network_internal_yaml | from_yaml }}"
openwrt_network_internal_yaml: |
{% for zone_name in network_internal_zone_names %}
- - name: switch_vlan
- options:
- device: 'switch0'
- vlan: '{{ network_zones[zone_name].vlan }}'
- ports: '0t 6t'
-
- name: "interface '{{ zone_name }}'"
options:
ifname: "eth0.{{ network_zones[zone_name].vlan }}"
@@ -184,18 +128,6 @@ openwrt_network_base:
ipaddr: 127.0.0.1
netmask: 255.0.0.0
- - name: switch
- options:
- name: 'switch0'
- reset: '1'
- enable_vlan: '1'
-
- - name: switch_vlan
- options:
- device: 'switch0'
- vlan: '{{ network_mgmt_zone.vlan }}'
- ports: '0t 1 6t'
-
- name: interface 'mgmt'
options:
ifname: "eth0.{{ network_mgmt_zone.vlan }}"
@@ -206,11 +138,6 @@ openwrt_network_base:
openwrt_dhcp_external:
- - name: dhcp 'wanforum'
- options:
- interface: 'wanforum'
- ignore: '1'
-
- name: dhcp 'wanff'
options:
interface: 'wanff'
@@ -271,12 +198,12 @@ openwrt_dhcp_base:
openwrt_variant: openwrt
-openwrt_release: 19.07.1
-openwrt_arch: ramips
-openwrt_target: mt7621
-openwrt_profile: ubnt-erx
+openwrt_release: 19.07.7
+openwrt_arch: x86
+openwrt_target: 64
+openwrt_profile: Generic
openwrt_output_image_suffixes:
- - "{{ openwrt_profile }}-squashfs-sysupgrade.bin"
+ - "combined-ext4.img.gz"
openwrt_packages_remove:
- ppp
@@ -361,7 +288,6 @@ openwrt_mixin:
STOP=91
start() {
- WAN_IF=$(uci get network.wanforum.ifname)
FF_IF=$(uci get network.wanff.ifname)
LTE_IF=$(uci get network.wanlte.ifname)
MGMT_IF=$(uci get network.mgmt.ifname)
@@ -373,10 +299,6 @@ openwrt_mixin:
iptables -A INPUT -i "$MGMT_IF" -d "$MGMT_IPADDR" -s "$MGMT_IPADDR/$MGMT_NETMASK" -j ACCEPT
### todo: limit the destination address?
- iptables -A INPUT -i "$WAN_IF" -p icmp -j ACCEPT
- iptables -A INPUT -i "$WAN_IF" -p tcp --dport {{ ansible_port }} -j ACCEPT
- iptables -A INPUT -i "$WAN_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-
iptables -A INPUT -i "$FF_IF" -p icmp -j ACCEPT
iptables -A INPUT -i "$FF_IF" -p tcp --dport {{ ansible_port }} -j ACCEPT
iptables -A INPUT -i "$FF_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
@@ -453,12 +375,6 @@ openwrt_uci:
- '2.lede.pool.ntp.org'
- '3.lede.pool.ntp.org'
- - name: gpio_switch 'poe_passthrough'
- options:
- name: 'PoE Passthrough'
- gpio_pin: '0'
- value: '0'
-
dropbear:
- name: dropbear
options: