From b90a0f8dfdcfc045bdfef50ce0e91bbd056f3d47 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Wed, 3 Apr 2024 20:18:22 +0200
Subject: cleanup old linuxtage stuff and add new glt-jitsi
---
inventory/host_vars/glt-gw-tug.yml | 177 -------------------------------------
1 file changed, 177 deletions(-)
delete mode 100644 inventory/host_vars/glt-gw-tug.yml
(limited to 'inventory/host_vars/glt-gw-tug.yml')
diff --git a/inventory/host_vars/glt-gw-tug.yml b/inventory/host_vars/glt-gw-tug.yml
deleted file mode 100644
index 5e1d0a45..00000000
--- a/inventory/host_vars/glt-gw-tug.yml
+++ /dev/null
@@ -1,177 +0,0 @@ ---- -openwrt_arch: x86 -openwrt_target: 64 -openwrt_profile: generic -openwrt_output_image_suffixes: - - "{{ openwrt_profile }}-ext4-combined.img.gz" - -openwrt_packages_remove: - - ppp - - ppp-mod-pppoe - - firewall -openwrt_packages_add: - - kmod-ipt-nat - - kmod-ipt-conntrack - - haveged - - htop - - ip - - less - - nano - - tcpdump-mini - - iperf - - iperf3 - - mtr - - iptraf-ng - - -openwrt_mixin: - /etc/dropbear/authorized_keys: - content: "{{ ssh_keys_root | join('\n') }}\n" - - /etc/htoprc: - file: "{{ global_files_dir }}/common/htoprc" - - /etc/rc.d/S22network-fw: - link: "../init.d/network-fw" - - /etc/rc.d/K92network-fw: - link: "../init.d/network-fw" - - /etc/init.d/network-fw: - mode: "0755" - content: | - #!/bin/sh /etc/rc.common - - START=22 - STOP=91 - - start() { - WAN_IF=$(uci get network.wan.device) - LAN_IF="br-lan" - LAN_IP=$(uci get network.lan.ipaddr) - LAN_MASK=$(uci get network.lan.netmask) - - iptables -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT - - ### external incoming - iptables -A INPUT -i "$WAN_IF" -p icmp -j ACCEPT - iptables -A INPUT -i "$WAN_IF" -p tcp --dport {{ ansible_port }} -j ACCEPT - iptables -A INPUT -i "$WAN_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - ### internal - iptables -A INPUT -i "$LAN_IF" -p udp --dport 67 --sport 68 -j ACCEPT - iptables -A INPUT -i "$LAN_IF" -p udp --dport 53 -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT - iptables -A INPUT -i "$LAN_IF" -p tcp --dport 53 -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT - - iptables -A INPUT -i "$LAN_IF" -p icmp -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT - iptables -A INPUT -i "$LAN_IF" -p tcp --dport {{ ansible_port }} -d "$LAN_IP" -s "$LAN_IP/$LAN_MASK" -j ACCEPT - iptables -A INPUT -i "$LAN_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_IP/$LAN_MASK" -j ACCEPT - iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m conntrack --ctstate 
RELATED,ESTABLISHED -j ACCEPT - iptables -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_IP/$LAN_MASK" -j MASQUERADE - - ### default policies - iptables -P INPUT DROP - iptables -P FORWARD DROP - } - - stop() { - iptables -P INPUT ACCEPT - iptables -F INPUT - iptables -P FORWARD ACCEPT - iptables -F FORWARD - iptables -t nat -F POSTROUTING - } - -openwrt_uci: - system: - - name: system - options: - hostname: '{{ host_name }}' - timezone: 'CET-1CEST,M3.5.0,M10.5.0/3' - ttylogin: '0' - log_size: '64' - urandom_seed: '0' - - - name: timeserver 'ntp' - options: - enabled: '1' - enable_server: '0' - server: - - '0.lede.pool.ntp.org' - - '1.lede.pool.ntp.org' - - '2.lede.pool.ntp.org' - - '3.lede.pool.ntp.org' - - dropbear: - - name: dropbear - options: - PasswordAuth: 'off' - RootPasswordAuth: 'off' - Port: '{{ ansible_port }}' - - dhcp: - - name: dnsmasq - options: - domainneeded: '1' - boguspriv: '0' - filterwin2k: '0' - localise_queries: '1' - rebind_protection: '0' - rebind_localhost: '1' - local: '/lan/' - domain: 'lan' - expandhosts: '1' - nonegcache: '0' - authoritative: '1' - readethers: '1' - leasefile: '/tmp/dhcp.leases' - resolvfile: '/tmp/resolv.conf.auto' - localservice: '1' - - - name: odhcpd 'odhcpd' - options: - maindhcp: '0' - leasefile: '/tmp/hosts/odhcpd' - leasetrigger: '/usr/sbin/odhcpd-update' - - - name: dhcp 'wan' - options: - interface: 'wan' - ignore: '1' - - - name: dhcp 'lan' - options: - interface: 'lan' - start: "{{ network_zones.tug_lan.dhcp.start }}" - limit: "{{ network_zones.tug_lan.dhcp.limit }}" - leasetime: "{{ network_zones.tug_lan.dhcp.leasetime | default('12h') }}" - dhcpv6: 'disabled' - ra: 'disabled' - - network: - - name: globals 'globals' - options: - ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48" - - - name: interface 'loopback' - options: - device: lo - proto: static - ipaddr: 
127.0.0.1 - netmask: 255.0.0.0 - - - name: interface 'lan' - options: - type: bridge - device: "eth0 eth1 eth2 eth3 eth4" - proto: static - ipaddr: "{{ network_zones.tug_lan.prefix | ansible.utils.ipaddr(network_zones.tug_lan.offsets[inventory_hostname]) | ansible.utils.ipaddr('address') }}" - netmask: "{{ network_zones.tug_lan.prefix | ansible.utils.ipaddr('netmask') }}" - - - name: interface 'wan' - options: - device: eth5 - proto: dhcp - macaddr: 00:11:22:33:44:55 -- cgit v1.2.3