From a88ce7b965c1d4c03aac02c1c8be819cff0f9f6e Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sat, 24 Dec 2022 01:58:59 +0100 Subject: mz-(router|ap): upgrade to openwrt 22.03.2 --- inventory/host_vars/mz-ap.yml | 72 +++++++++++++++++++++++++++---------------- 1 file changed, 45 insertions(+), 27 deletions(-) (limited to 'inventory/host_vars/mz-ap.yml') diff --git a/inventory/host_vars/mz-ap.yml b/inventory/host_vars/mz-ap.yml index faefd444..974de8a1 100644 --- a/inventory/host_vars/mz-ap.yml +++ b/inventory/host_vars/mz-ap.yml @@ -1,20 +1,21 @@ --- -openwrt_variant: openwrt -openwrt_release: 18.06.2 -openwrt_arch: ar71xx +openwrt_arch: ath79 openwrt_target: generic -openwrt_profile: tl-wdr3500-v1 +openwrt_profile: tplink_tl-wdr3500-v1 openwrt_output_image_suffixes: - - "generic-{{ openwrt_profile }}-squashfs-sysupgrade.bin" + - "{{ openwrt_target }}-{{ openwrt_profile }}-squashfs-sysupgrade.bin" openwrt_packages_remove: - ppp - ppp-mod-pppoe - dnsmasq - firewall + - firewall4 - odhcpd - odhcpd-ipv6only + - wpad-basic-wolfssl openwrt_packages_add: + - wpad-wolfssl - haveged - htop - ip @@ -29,12 +30,28 @@ openwrt_packages_add: openwrt_mixin: + /etc/sysctl.conf: + content: | + # Defaults are configured in /etc/sysctl.d/* and can be customized in this file + # + # disable IP forwarding, we don't need it since we are + # only an AP that bridges VLANs to Wifi SSIDs + net.ipv4.conf.default.forwarding=0 + net.ipv4.conf.all.forwarding=0 + net.ipv4.ip_forward=0 + net.ipv6.conf.default.forwarding=0 + net.ipv6.conf.all.forwarding=0 + /etc/dropbear/authorized_keys: content: "{{ ssh_keys_root | join('\n') }}\n" /etc/htoprc: file: "{{ global_files_dir }}/common/htoprc" + /usr/bin/list-stations: + mode: "0755" + file: "{{ global_files_dir }}/common/openwrt/list-stations" + openwrt_uci: system: @@ -51,17 +68,14 @@ openwrt_uci: enabled: '1' enable_server: '0' server: - - '0.lede.pool.ntp.org' - - '1.lede.pool.ntp.org' - - '2.lede.pool.ntp.org' - - '3.lede.pool.ntp.org' + - '192.168.2.254' dropbear: - name: dropbear options: PasswordAuth: 'off' RootPasswordAuth: 'off' - Port: '{{ ansible_port | default(22) }}' + Port: '{{ ansible_port }}' p910nd: - name: p910nd @@ -78,7 +92,7 @@ openwrt_uci: - name: interface 'loopback' options: - ifname: lo + device: lo proto: static ipaddr: 127.0.0.1 netmask: 255.0.0.0 @@ -93,19 +107,24 @@ openwrt_uci: options: device: switch0 vlan: 1 - ports: 0 1 2 3 4 + ports: 1 2 3 4 0t - - name: interface 'lan' + - name: device options: - ifname: eth0 - force_link: 1 + name: br-lan type: bridge + ports: + - eth0.1 + + - name: interface 'lan' + options: + device: br-lan proto: static ipaddr: 192.168.2.201 netmask: 255.255.255.0 gateway: 192.168.2.254 dns: - - 192.168.2.254 + - 192.168.2.254 - name: interface 'wan' options: @@ -116,20 +135,21 @@ openwrt_uci: - name: wifi-device 'radio5g' options: type: mac80211 + band: 5g + country: AT path: "pci0000:00/0000:00:00.0" - hwmode: 11a htmode: HT20 - country: AT txpower: 19 - - name: wifi-device 'radio2g4' + - name: wifi-device 'radio2g' options: type: mac80211 - path: "platform/ar934x_wmac" - hwmode: 11g - htmode: HT20 - channel: 4 + channel: 5 + band: 2g country: AT + path: "platform/ahb/18100000.wmac" + htmode: HT20 + cell_density: 0 txpower: 20 - name: wifi-iface wds5g @@ -138,15 +158,13 @@ openwrt_uci: network: lan mode: sta wds: 1 - disassoc_low_ack: 1 - rsn_preauth: 1 ssid: "chaosWDS" encryption: 'psk2+ccmp' key: '{{ vault_wifi_keys.wds_mz }}' - - name: wifi-iface lan2g4 + - name: wifi-iface lan2g options: - device: radio2g4 + device: radio2g network: lan mode: ap disassoc_low_ack: 1 -- cgit v1.2.3