Skip to content
Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
45 lines (29 sloc) 3.57 KB
scp ${process.env.HOME}/.ssh/id_rsa.pub ${config.mikrotik.default_username}@${config.mikrotik.default_ip}:/
ssh ${config.mikrotik.default_username}@${config.mikrotik.default_ip} << EOF
/interface bridge add name=${config.mikrotik.bridge_guest.name}
/interface vlan add interface=wlan1 name=${config.mikrotik.guest_vlan.name} vlan-id=${config.mikrotik.guest_vlan.id}
/ip pool add name=${config.mikrotik.dhcp_guest.name} ranges=${config.mikrotik.dhcp_guest.dhcp_range}
/ip dhcp-server add address-pool=${config.mikrotik.dhcp_guest.name} disabled=no interface=${config.mikrotik.bridge_guest.name} name=${config.mikrotik.dhcp_guest.server_name}
/interface bridge port add bridge=${config.mikrotik.bridge_guest.name} interface=${config.mikrotik.guest_vlan.name}
/ip address add address=${config.mikrotik.dhcp_guest.gateway}/${config.mikrotik.dhcp_guest.subnet_mask} interface=${config.mikrotik.bridge_guest.name} network=${config.mikrotik.dhcp_guest.network}
/ip dhcp-server network add address=${config.mikrotik.dhcp_guest.network}/${config.mikrotik.dhcp_guest.subnet_mask} gateway=${config.mikrotik.dhcp_guest.gateway}
/ip firewall filter add action=drop chain=forward in-interface=${config.mikrotik.bridge_guest.name} out-interface=bridge
/interface ethernet set ${config.mikrotik.wan_interface} mac-address=${config.mikrotik.mac_address}
/ip address add address=${config.mikrotik.ip_address}/${config.mikrotik.subnet_mask} interface=${config.mikrotik.wan_interface}
/ip route add gateway=${config.mikrotik.gateway}
/ip dns set servers=${config.mikrotik.dns_servers}
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=${config.mikrotik.nat_destination_ip} protocol=tcp in-interface=ether1 dst-port=${config.mikrotik.tcp_nat.join(',')} log=no
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=${config.mikrotik.nat_destination_ip} protocol=udp in-interface=ether1 dst-port=${config.mikrotik.udp_nat.join(',')} log=no
/ip firewall nat add chain=dstnat action=dst-nat to-addresses=${config.mikrotik.nat_destination_ip} protocol=tcp dst-address=${config.mikrotik.ip_address} dst-port=${config.mikrotik.tcp_nat.join(',')} log=no log-prefix=""
/ip firewall nat add chain=srcnat action=masquerade protocol=tcp src-address=192.168.88.0/24 dst-address=${config.mikrotik.nat_destination_ip} out-interface=bridge dst-port=${config.mikrotik.tcp_nat.join(',')} log=no log-prefix=""
/user add name=${process.env.LOGNAME} group=full comment="Username matching host machine's active user" disabled=no
/user ssh-keys import public-key-file=id_rsa.pub user=${process.env.LOGNAME}
/interface wireless security-profiles add name=guests authentication-types=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="${config.mikrotik.guest_wifi.password}"
/interface wireless set wlan1 ssid="${config.mikrotik.guest_wifi.ssid}" security-profile=guests vlan-id=${config.mikrotik.guest_vlan.id} vlan-mode=use-tag
/interface wireless security-profiles add name=${process.env.LOGNAME} authentication-types=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="${config.mikrotik.main_wifi.password}"
/interface wireless set wlan2 ssid="${config.mikrotik.main_wifi.ssid}" security-profile=${process.env.LOGNAME}
${config.mikrotik.dhcp_static.map(machine => `/ip dhcp-server lease add address=${machine.ip} mac-address=${machine.mac} comment="${machine.comment}"`).join("\n ")}
/system clock set time-zone-name=${config.mikrotik.timezone}
/system routerboard settings set silent-boot=yes
/ip service set www port=${config.mikrotik.webfig_port}
EOF
You can’t perform that action at this time.