--- ssh_keys_root: "{{ ssh_keys.equinox[env_group] + ssh_keys.datacop }}" openwrt_variant: openwrt openwrt_release: 19.07.1 openwrt_arch: x86 openwrt_target: geode openwrt_profile: Generic openwrt_output_image_suffixes: - "combined-ext4.img.gz" openwrt_packages_remove: - ppp - ppp-mod-pppoe - firewall - dnsmasq - odhcpd-ipv6only - linux-atm - kmod-pppoa - kmod-mppe - ppp-mod-pppoa - pppstats - pppdump - iwinfo - soloscli openwrt_packages_add: - haveged - htop - ip - less - nano - olsrd - olsrd-mod-txtinfo - tcpdump-mini - iperf - mtr openwrt_mixin: /etc/dropbear/authorized_keys: content: "{{ ssh_keys_root | join('\n') }}\n" /etc/htoprc: file: "{{ global_files_dir }}/common/htoprc" /etc/rc.local: | # Put your custom commands here that should be executed once # the system init finished. By default this file does nothing. PUBLIC_IP=193.33.151.58 # Hier die zugewiesene public IP eintragen PUBLIC_GW=10.12.34.56 ip tunnel add public mode ipip remote $PUBLIC_GW local $PUBLIC_IP ttl 255 ip link set public up ip addr add $PUBLIC_IP dev public ip route add default dev public table default ip rule add from all lookup 111 pref 20000 ip rule add from all lookup main pref 30000 ip rule del pref 32766 UHRTURM_IF=$(uci get network.uhrturm.ifname) ip rule add iif "$UHRTURM_IF" lookup 120 pref 31000 ip route add default via {{ network_zones.murat_transfer.prefix | ipaddr(network_zones.murat_transfer.offsets['ele-mur']) | ipaddr('address') }} table 120 iptables -t nat -A POSTROUTING -o public -j MASQUERADE iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o public -j TCPMSS --clamp-mss-to-pmtu source /lib/functions/network.sh i=0 while iface="$( uci -q get olsrd.@Interface[$i].interface )"; do case "$( uci -q get olsrd.@Interface[$i].ignore )" in 1|on|true|enabled|yes) # is disabled ;; *) if network_get_device device "$iface"; then ip rule add iif $device pref $(( i + 32000 )) lookup 112 else echo "Warning: device for OLSR Interface '$interface' not found, skipped" fi ;; esac i=$(( $i + 1 )) done exit 0 openwrt_uci: system: - name: system options: hostname: '{{ host_name }}' timezone: 'CET-1CEST,M3.5.0,M10.5.0/3' ttylogin: '0' log_size: '64' urandom_seed: '0' - name: timeserver 'ntp' options: enabled: '1' enable_server: '0' server: - '0.lede.pool.ntp.org' - '1.lede.pool.ntp.org' - '2.lede.pool.ntp.org' - '3.lede.pool.ntp.org' dropbear: - name: dropbear options: PasswordAuth: 'off' RootPasswordAuth: 'off' Port: '{{ ansible_port }}' network: - name: globals 'globals' options: ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48" - name: interface 'loopback' options: ifname: lo proto: static ipaddr: 127.0.0.1 netmask: 255.0.0.0 - name: interface 'unused' options: ifname: eth0 proto: none - name: interface 'uhrturm' options: ifname: eth1 proto: static ipaddr: "{{ network_zones.funkfeuer.prefix | ipaddr(network_zones.funkfeuer.offsets[inventory_hostname]) | ipaddr('address') }}" netmask: "{{ network_zones.funkfeuer.prefix | ipaddr('netmask') }}" - name: interface 'ff' options: ifname: eth2 proto: static ipaddr: 10.12.91.28 netmask: 255.255.0.0 dns: "{{ network_zones.funkfeuer.dns }}" - name: interface 'murattransfer' options: ifname: eth2 proto: static ipaddr: "{{ network_zones.murat_transfer.prefix | ipaddr(network_zones.murat_transfer.offsets[inventory_hostname]) | ipaddr('address') }}" netmask: "{{ network_zones.murat_transfer.prefix | ipaddr('netmask') }}" - name: interface 'public' options: ifname: public proto: none olsrd: - name: olsrd options: IpVersion: '4' FIBMetric: 'flat' LinkQualityLevel: '2' LinkQualityAlgorithm: 'etx_ff' OlsrPort: '698' UseNiit: 'no' SmartGateway: 'no' MainIp: 10.12.91.28 - name: LoadPlugin options: library: olsrd_txtinfo.so.1.1 accept: 127.0.0.1 - name: InterfaceDefaults options: Mode: ether - name: Interface options: interface: - ff IPv4Src: 10.12.91.28 - name: Hna4 options: netaddr: "{{ network_zones.funkfeuer.prefix | ipaddr('network') }}" netmask: "{{ network_zones.funkfeuer.prefix | ipaddr('netmask') }}"