path: root/inventory/group_vars/accesspoints/main.yml
---
# Wired uplink port of the access point; the mgmt VLAN interface name in
# accesspoint_network_base is built from it.
accesspoint_wired_interface: 'eth0'

# Per-band radio device paths; consumed as the `path` option of the
# wifi-device sections in accesspoint_wireless_devices.
accesspoint_wireless_device_paths:
  2g4: 'platform/qca956x_wmac'
  5g: 'pci0000:00/0000:00:00.0'

# Band identifiers; these match the keys of the mapping above.
accesspoint_wireless_frequencies:
  - '2g4'
  - '5g'


# UCI `network` sections every access point gets. It is concatenated with
# accesspoint_network_zones in openwrt_uci.network, so it must stay a list.
accesspoint_network_base:
  - name: globals 'globals'
    options:
      # The /48 prefix is derived from seeded random values keyed on
      # inventory_hostname: stable across runs, but reproducible by anyone
      # who knows the hostname.
      # NOTE(review): RFC 4193 locally assigned ULAs live under fd00::/8
      # (L bit set); this template emits a prefix under fc00::/8. Confirm this
      # is intended before changing it, since a change renumbers every AP.
      ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48"

  - name: interface 'loopback'
    options:
      ifname: lo
      proto: static
      ipaddr: 127.0.0.1
      netmask: 255.0.0.0

  # Management interface: a VLAN sub-interface of the wired port with a static
  # IPv4 address taken from network_zones.mgmt (defined outside this file) at
  # the per-host offset. This is the only addressed non-loopback interface
  # defined here, so it is where dropbear is reachable unless
  # accesspoint_network_zones adds more.
  - name: interface 'mgmt'
    options:
      ifname: "{{ accesspoint_wired_interface }}.{{ network_zones.mgmt.vlan }}"
      # presumably keeps the AP from autoconfiguring IPv6 from router
      # advertisements seen on the mgmt VLAN - confirm
      accept_ra: 0
      proto: static
      ipaddr: "{{ network_zones.mgmt.prefix | ipaddr(network_zones.mgmt.offsets[inventory_hostname]) | ipaddr('address') }}"
      netmask: "{{ network_zones.mgmt.prefix | ipaddr('netmask') }}"

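# Extra UCI `network` sections, supplied per group or host. The default must
# be an empty list, not an empty mapping: openwrt_uci.network evaluates
# `accesspoint_network_base + accesspoint_network_zones`, and a list cannot be
# concatenated with a dict.
accesspoint_network_zones: []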


# UCI `wireless` radio sections, one per band. Channels are looked up per host
# in accesspoint_wifi_channels (defined outside this file); device paths come
# from accesspoint_wireless_device_paths.
accesspoint_wireless_devices:
  # 5 GHz radio
  - name: wifi-device 'radio5g'
    options:
      type: 'mac80211'
      channel: "{{ accesspoint_wifi_channels['5g'][inventory_hostname] }}"
      hwmode: '11a'
      # Regulatory domain; must match the country the APs operate in.
      country: 'AT'
      path: "{{ accesspoint_wireless_device_paths['5g'] }}"
      htmode: 'VHT80'

  # 2.4 GHz radio
  - name: wifi-device 'radio2g4'
    options:
      type: 'mac80211'
      channel: "{{ accesspoint_wifi_channels['2g4'][inventory_hostname] }}"
      hwmode: '11g'
      # Regulatory domain; must match the country the APs operate in.
      country: 'AT'
      path: "{{ accesspoint_wireless_device_paths['2g4'] }}"
      htmode: 'HT20'

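# Extra UCI `wireless` sections (the wifi-iface / SSID definitions), supplied
# per group or host. The default must be an empty list, not an empty mapping:
# openwrt_uci.wireless evaluates
# `accesspoint_wireless_devices + accesspoint_wireless_ifaces`, and a list
# cannot be concatenated with a dict.
accesspoint_wireless_ifaces: []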


# Firmware image build parameters.
openwrt_variant: 'openwrt'
# Quoted so the value stays a string whatever version is pinned (a two-part
# version such as 19.07 would otherwise load as a float).
# NOTE(review): the 18.06 series no longer receives upstream security fixes;
# track a supported release for internet- or client-facing APs.
openwrt_release: '18.06.1'
openwrt_arch: 'ar71xx'
openwrt_target: 'generic'
openwrt_profile: 'ubnt-unifiac-lite'
# Image file name suffixes expected from the build for this profile.
openwrt_output_image_suffixes:
  - "generic-{{ openwrt_profile }}-squashfs-sysupgrade.bin"

# Packages dropped from the image. An AP that only bridges VLANs to SSIDs does
# not need PPP, DHCP/DNS or router-advertisement daemons, so removing them
# shrinks the attack surface.
# NOTE(review): `firewall` is removed as well, so nothing on the device
# filters traffic to its own addresses. Every listening service on an
# addressed interface is reachable from that network; keep listeners minimal.
openwrt_packages_remove:
  - ppp
  - ppp-mod-pppoe
  - dnsmasq
  - firewall
  - odhcpd
  - odhcpd-ipv6only

# Packages added to the image: an entropy daemon (haveged) plus
# admin/diagnostic tools. tcpdump-mini lets anyone with root capture traffic
# on the AP, which is one more reason to keep root access key-only.
openwrt_packages_add:
  - haveged
  - htop
  - ip
  - less
  - nano
  - tcpdump-mini


# Files placed into the image, keyed by target path. Each entry gives either
# inline `content` or a source `file`.
openwrt_mixin:
  # Turns IPv4 and IPv6 forwarding off: the AP bridges at layer 2 and should
  # never route between VLANs.
  /etc/sysctl.conf:
    content: |
      # Defaults are configured in /etc/sysctl.d/* and can be customized in this file
      #
      # disable IP forwarding, we don't need it since we are
      # only an AP that bridges VLANs to Wifi SSIDs
      net.ipv4.conf.default.forwarding=0
      net.ipv4.conf.all.forwarding=0
      net.ipv4.ip_forward=0
      net.ipv6.conf.default.forwarding=0
      net.ipv6.conf.all.forwarding=0

  # Root's SSH public keys, one per line, from ssh_keys_root (defined outside
  # this file). Because the dropbear section of openwrt_uci turns password
  # auth off, this list is the whole set of identities that can log in as
  # root. Review it whenever an admin leaves.
  # NOTE(review): the keys are part of the generated image/config, so
  # presumably revoking one means redeploying to every AP - confirm.
  /etc/dropbear/authorized_keys:
    content: "{{ ssh_keys_root | join('\n') }}\n"

  /etc/htoprc:
    file: "{{ global_files_dir }}/common/htoprc"


# UCI configuration rendered for the device, keyed by UCI config file name.
# Option values are quoted so they reach UCI as strings and are not retyped
# by the YAML loader (e.g. 'off', '0').
openwrt_uci:
  system:
    - name: system
      options:
        hostname: '{{ inventory_hostname }}'
        # POSIX TZ string for CET/CEST.
        timezone: 'CET-1CEST,M3.5.0,M10.5.0/3'
        # NOTE(review): in OpenWrt, ttylogin '0' means the serial console does
        # not ask for credentials, so physical access to the console gives a
        # root shell. Confirm this is acceptable for where the APs are mounted.
        ttylogin: '0'
        log_size: '64'
        # presumably leaves the saved-urandom-seed feature off; haveged is
        # installed via openwrt_packages_add to supply entropy - verify
        urandom_seed: '0'

    # NTP client only (enable_server '0'): the AP syncs its clock but does not
    # serve time to others.
    - name: timeserver 'ntp'
      options:
        enabled: '1'
        enable_server: '0'
        server:
          - '0.lede.pool.ntp.org'
          - '1.lede.pool.ntp.org'
          - '2.lede.pool.ntp.org'
          - '3.lede.pool.ntp.org'

  # SSH daemon: password logins are off for all users including root, so
  # access depends solely on /etc/dropbear/authorized_keys from openwrt_mixin.
  # The non-default port reduces scan noise but is not an access control.
  # NOTE(review): no `Interface` option is set, so dropbear presumably listens
  # on every addressed interface, and the firewall package is removed from
  # the image. Consider binding it to the mgmt interface.
  dropbear:
    - name: dropbear
      options:
        PasswordAuth: 'off'
        RootPasswordAuth: 'off'
        Port: '22000'

  # Base sections plus the per-group/host extensions. `+` is list
  # concatenation here, so both operands must be lists.
  network: "{{ accesspoint_network_base + accesspoint_network_zones }}"
  wireless: "{{ accesspoint_wireless_devices + accesspoint_wireless_ifaces }}"