From bd79a4c885e19e31eac29abc3cabec47326aa6e4 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Sun, 18 Jul 2021 23:30:36 +0200 Subject: reconfigure ele-router (WIP) --- inventory/host_vars/ele-router.yml | 98 +++----------------------------------- 1 file changed, 7 insertions(+), 91 deletions(-) (limited to 'inventory') diff --git a/inventory/host_vars/ele-router.yml b/inventory/host_vars/ele-router.yml index 520bd751..1f795cd9 100644 --- a/inventory/host_vars/ele-router.yml +++ b/inventory/host_vars/ele-router.yml @@ -39,49 +39,9 @@ network_internal_zone_names: "{{ network_internal_zone_names__wan + network_inte openwrt_network_external: - - name: switch_vlan - options: - device: 'switch0' - ## for some reason vlan-id 502 does not work. why?? - #vlan: '{{ network_zones.forum_a1.vlan }}' - vlan: '1' - ports: '4 6t' - - - name: interface 'wanforum' - options: - ## for some reason vlan-id 502 does not work. why?? - #ifname: 'eth0.{{ network_zones.forum_a1.vlan }}' - ifname: 'eth0.1' - proto: dhcp - defaultroute: '0' ## see static route 'forumdefault' below - accept_ra: 0 - - - name: rule - options: - priority: 40000 - lookup: 101 - - - name: route 'forumdefault' - options: - interface: 'wanforum' - table: 101 - target: '0.0.0.0/0' - gateway: 192.168.0.254 ## A1 router @ForumStadtpark uses this address - - - - name: switch_vlan - options: - device: 'switch0' - ## for some reason vlan-id 502 does not work. why?? - #vlan: '{{ network_zones.funkfeuer.vlan }}' - vlan: '2' - ports: '3 6t' - - name: interface 'wanff' options: - ## for some reason vlan-id 502 does not work. why?? - #ifname: 'eth0.{{ network_zones.funkfeuer.vlan }}' - ifname: 'eth0.2' + ifname: 'eth5' proto: static ipaddr: "{{ network_zones.funkfeuer.prefix | ipaddr(network_zones.funkfeuer.offsets[inventory_hostname]) | ipaddr('address') }}" netmask: "{{ network_zones.funkfeuer.prefix | ipaddr('netmask') }}" 
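Review bot: The new `ifname: 'eth5'` for `wanff` (and `ifname: 'eth4'` for `wanlte` in the following hunk) hard-codes kernel interface names with no comment saying which physical port each one is, whereas the removed lines at least explained their values. On a multi-NIC x86 machine the ethN numbering usually follows driver probe order and may shift after a hardware or kernel change. The init script later in this patch reads `network.wanff.ifname` via `uci get` to build its INPUT rules, so the ACCEPT rules for ICMP and `{{ ansible_port }}` on `$FF_IF` would then follow whichever port ended up with that name. I would add a comment above each value, e.g. `## eth5 = <port label>, Funkfeuer uplink; re-check after NIC or kernel changes`, and the same for `eth4`. The `openwrt_network_external` list begins before this hunk and continues past it.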
@@ -107,19 +67,9 @@ openwrt_network_external: gateway: "{{ network_zones.funkfeuer.gateway }}" - - name: switch_vlan - options: - device: 'switch0' - ## for some reason vlan-id 512 does not work. why?? - #vlan: '{{ network_zones.datacop_lte.vlan }}' - vlan: '3' - ports: '2 6t' - - name: interface 'wanlte' options: - ## for some reason vlan-id 512 does not work. why?? - #ifname: 'eth0.{{ network_zones.datacop_lte.vlan }}' - ifname: 'eth0.3' + ifname: 'eth4' proto: static ipaddr: "{{ network_zones.datacop_lte.prefix | ipaddr(network_zones.datacop_lte.offsets[inventory_hostname]) | ipaddr('address') }}" netmask: "{{ network_zones.datacop_lte.prefix | ipaddr('netmask') }}" @@ -149,12 +99,6 @@ openwrt_network_external: openwrt_network_internal: "{{ openwrt_network_internal_yaml | from_yaml }}" openwrt_network_internal_yaml: | {% for zone_name in network_internal_zone_names %} - - name: switch_vlan - options: - device: 'switch0' - vlan: '{{ network_zones[zone_name].vlan }}' - ports: '0t 6t' - - name: "interface '{{ zone_name }}'" options: ifname: "eth0.{{ network_zones[zone_name].vlan }}" @@ -184,18 +128,6 @@ openwrt_network_base: ipaddr: 127.0.0.1 netmask: 255.0.0.0 - - name: switch - options: - name: 'switch0' - reset: '1' - enable_vlan: '1' - - - name: switch_vlan - options: - device: 'switch0' - vlan: '{{ network_mgmt_zone.vlan }}' - ports: '0t 1 6t' - - name: interface 'mgmt' options: ifname: "eth0.{{ network_mgmt_zone.vlan }}" @@ -206,11 +138,6 @@ openwrt_network_base: openwrt_dhcp_external: - - name: dhcp 'wanforum' - options: - interface: 'wanforum' - ignore: '1' - - name: dhcp 'wanff' options: interface: 'wanff' 
@@ -271,12 +198,12 @@ openwrt_dhcp_base: openwrt_variant: openwrt -openwrt_release: 19.07.1 -openwrt_arch: ramips -openwrt_target: mt7621 -openwrt_profile: ubnt-erx +openwrt_release: 19.07.7 +openwrt_arch: x86 +openwrt_target: 64 +openwrt_profile: Generic openwrt_output_image_suffixes: - - "{{ openwrt_profile }}-squashfs-sysupgrade.bin" + - "combined-ext4.img.gz" openwrt_packages_remove: - ppp @@ -361,7 +288,6 @@ openwrt_mixin: STOP=91 start() { - WAN_IF=$(uci get network.wanforum.ifname) FF_IF=$(uci get network.wanff.ifname) LTE_IF=$(uci get network.wanlte.ifname) MGMT_IF=$(uci get network.mgmt.ifname) @@ -373,10 +299,6 @@ openwrt_mixin: iptables -A INPUT -i "$MGMT_IF" -d "$MGMT_IPADDR" -s "$MGMT_IPADDR/$MGMT_NETMASK" -j ACCEPT ### todo: limit the destination address? - iptables -A INPUT -i "$WAN_IF" -p icmp -j ACCEPT - iptables -A INPUT -i "$WAN_IF" -p tcp --dport {{ ansible_port }} -j ACCEPT - iptables -A INPUT -i "$WAN_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - iptables -A INPUT -i "$FF_IF" -p icmp -j ACCEPT iptables -A INPUT -i "$FF_IF" -p tcp --dport {{ ansible_port }} -j ACCEPT iptables -A INPUT -i "$FF_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT @@ -453,12 +375,6 @@ openwrt_uci: - '2.lede.pool.ntp.org' - '3.lede.pool.ntp.org' - - name: gpio_switch 'poe_passthrough' - options: - name: 'PoE Passthrough' - gpio_pin: '0' - value: '0' - dropbear: - name: dropbear options: -- cgit v1.2.3
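Review bot: `openwrt_target: 64` is a plain scalar that YAML loads as an integer, while the value it replaces (`mt7621`) and the neighbouring `openwrt_arch` and `openwrt_profile` are strings. If the role combines these variables outside a simple `{{ }}` interpolation (for example with `+` or `join`), an int could raise a type error or render differently, so I would write `openwrt_target: '64'`. `openwrt_release: 19.07.7` stays a string because of its two dots, but quoting it too (`'19.07.7'`) would protect a later bump to a two-part version from being read as a float.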