Mado config added

yanosz · May 14, 2017 · 0a8197a · 0a8197a
1 parent ec3615b
commit 0a8197a
Show file tree

Hide file tree

Showing 18 changed files with 566 additions and 123 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 bin/**
 lede-imagebuilder-17.01.1-ar71xx-generic.Linux-x86_64*
 lede-imagebuilder-17.01.1-ar71xx-generic.Linux-x86_64/**
+secrets.yml
diff --git a/Rakefile b/Rakefile
@@ -1,32 +1,38 @@
 require "erb"
 require "rake"
 require 'yaml'
+require 'gpgme'
 
-DOWNLOAD_BASE='https://downloads.lede-project.org/releases/17.01.1/targets/ar71xx/generic/'
-SDK_BASE="lede-imagebuilder-17.01.1-ar71xx-generic.Linux-x86_64"
-NODES_FILE="nodes.yml"
-FIRMWARE_FILE="bin/targets/ar71xx/generic/lede-17.01.1-ar71xx-generic-tl-wdr3600-v1-squashfs-sysupgrade.bin"
-PROFILE="tl-wdr3600-v1"
-PACKAGES="ip collectd collectd-mod-ping collectd-mod-network collectd-mod-wireless uhttpd luci babeld batctl bird4-uci bird4 bird6-uci bird6 birdc4 birdc6 birdcl4 birdcl6 collectd-mod-wireless collectd-mod-cpu collectd-mod-load collectd-mod-memory collectd-mod-interface"
+LEDE_VERSION="17.01.1"
+PLATFORM="ar71xx"
+PLATFORM_TYPE="generic"
 
+DOWNLOAD_BASE="https://downloads.lede-project.org/releases/#{LEDE_VERSION}/targets/#{PLATFORM}/#{PLATFORM_TYPE}/"
+SDK_BASE="lede-imagebuilder-#{LEDE_VERSION}-#{PLATFORM}-#{PLATFORM_TYPE}.Linux-x86_64"
 
 task :default => :generate_all
 task :generate_all => :install_sdk do
+
+  if (! (File.exists? 'secrets.yml'))
+    raise "\n \t >>> Please decrypt secrets.yml.gpg first \n\n\n"
+  end
+  secrets = YAML.load_file("secrets.yml")
+
   # Default Generate config for all nodes
-  nodes = YAML.load_file(NODES_FILE)
-  nodes.values.each {|v| generate_node v}
+  nodes = YAML.load_file("nodes.yml")
+  nodes.values.each {|v| generate_node v,secrets}
 end
 
-def generate_node(node_cfg)
+def generate_node(node_cfg,secrets)
   dir_name = "#{SDK_BASE}/files_generated"
 
   prepare_directory(dir_name)
   #Evaluate templates
   Dir.glob("#{dir_name}/**/*.erb").each do |erb_file|
     basename = erb_file.gsub '.erb',''
-    process_erb(node_cfg,erb_file,basename)    
+    process_erb(node_cfg,erb_file,basename,secrets)    
   end
-  generate_firmware(node_cfg['hostname'])
+  generate_firmware(node_cfg['hostname'], node_cfg['profile'], node_cfg['packages'])
 
 end
 
@@ -38,16 +44,23 @@ def prepare_directory(dir_name)
   FileUtils.cp_r 'files', dir_name, :preserve => true
 end
 
-def process_erb(node,erb,base)
+def process_erb(node,erb,base,secrets)
   @node = node
+  @secrets = secrets
   template = ERB.new File.new(erb).read
   File.open(base, 'w') { |file| file.write(template.result) }
   FileUtils.rm erb
 end
 
-def generate_firmware(node_name)
-  system("make -C #{SDK_BASE}  image PROFILE=#{PROFILE} PACKAGES='#{PACKAGES}'  FILES=./files_generated")
-  FileUtils.mv "#{SDK_BASE}/#{FIRMWARE_FILE}", "bin/#{node_name}.bin"
+def generate_firmware(node_name,profile,packages)
+  system("rm -R #{SDK_BASE}/bin/*")
+  system("make -C #{SDK_BASE}  image PROFILE=#{profile} PACKAGES='#{packages}'  FILES=./files_generated")
+  FileUtils.mv(
+    "#{SDK_BASE}/bin/targets/#{PLATFORM}/#{PLATFORM_TYPE}/lede-#{LEDE_VERSION}-#{PLATFORM}-#{PLATFORM_TYPE}-#{profile}-squashfs-sysupgrade.bin", 
+    "bin/#{node_name}-sysupgrade.bin")
+  FileUtils.mv(
+    "#{SDK_BASE}/bin/targets/#{PLATFORM}/#{PLATFORM_TYPE}/lede-#{LEDE_VERSION}-#{PLATFORM}-#{PLATFORM_TYPE}-#{profile}-squashfs-factory.bin", 
+    "bin/#{node_name}-factory.bin")
 end
 
 task :install_sdk do 

diff --git a/files/etc/collectd.conf → files/etc/collectd.conf.erb b/files/etc/collectd.conf → files/etc/collectd.conf.erb
@@ -8,32 +8,28 @@ BaseDir     "/var/lib/collectd"
 PIDFile     "/var/run/collectd.pid"
 #PluginDir  "/usr/lib/collectd"
 #TypesDB    "/usr/share/collectd/types.db"
-Interval    1
+Interval    60
 ReadThreads 2
 LogLevel 4
 
 LoadPlugin network
 LoadPlugin ping
 LoadPlugin interface
 LoadPlugin load
-LoadPlugin ping
-LoadPlugin rrdtool
 LoadPlugin cpu
-LoadPlugin network
 LoadPlugin memory
-
+LoadPlugin wireless
 
 
 
 <Plugin "network">
-	Server "10.0.0.4" "25826"
+	Server "192.168.101.2" "25826"
 </Plugin>
 
+<% if @node['routes_to_vpn'] %>
 <Plugin "ping">
-        Host "10.0.0.4"
-#	Host "fda1:987a:cc9:1::1"
-#	Host "fda1:987a:cc9:2::1"
-#	Host "fda1:987a:cc9:3::1"
-#	Host "fda1:987a:cc9:4::1"
-#	Host "fda1:987a:cc9:5::1"
+	Host "chaosnetz.org"
+	Host "omni.freifunk-koeln.de"
+	Host "yagi.freifunk-koeln.de"
 </Plugin>
+<% end %>
diff --git a/files/etc/config/dhcp.erb b/files/etc/config/dhcp.erb
@@ -0,0 +1,56 @@
+config dnsmasq
+        option domainneeded '1'
+        option boguspriv '1'
+        option filterwin2k '0'
+        option localise_queries '1'
+        option rebind_protection '1'
+        option rebind_localhost '1'
+        option local '/lan/'
+        option domain 'lan'
+        option expandhosts '1'
+        option nonegcache '0'
+        option authoritative '1'
+        option readethers '1'
+        option leasefile '/tmp/dhcp.leases'
+        option resolvfile '/tmp/resolv.conf.auto'
+        option localservice '1'
+
+config dhcp 'lan'
+        option interface 'lan'
+<% if @node['dhcp_lan'] && @node['dhcp_lan']['start'] %>
+        option leasetime '12h'
+        option dhcpv6 'none' # Disabled, da IPv6-Routing issues auf omni
+        option ra 'none'     # Disabled, da IPv6-Routing issues auf omni
+        option ra_management '0'
+        option start '<%= @node['dhcp_lan']['start'] %>'
+        option limit '<%= @node['dhcp_lan']['limit'] %>'
+<% else %>
+        option ignore '1'
+<% end %>
+
+config dhcp 'wan'
+        option interface 'wan'
+        option ignore '1'
+
+config dhcp 'fastd_exit'
+        option interface 'fastd_exit'
+        option ignore '1'
+
+config dhcp 'pptp_exit'
+        option interface 'pptp_exit'
+        option ignore '1'
+
+config dhcp 'fastd_exit6'
+        option interface 'fastd_exit6'
+        option ignore '1'
+
+config dhcp 'pptp_exit6'
+        option interface 'pptp_exit6'
+        option ignore '1'
+
+
+config odhcpd 'odhcpd'
+        option maindhcp '0'
+        option leasefile '/tmp/hosts/odhcpd'
+        option leasetrigger '/usr/sbin/odhcpd-update'
+
diff --git a/files/etc/config/fastd.erb b/files/etc/config/fastd.erb
@@ -0,0 +1,46 @@
+config peer 'icvpn1'
+	option remote 'ipv4 "icvpn1.chaosnetz.org" port 10000'
+	option enabled '1'
+	option net 'backbone'
+	option key '26e72d1eadc61fbce48d6aa5363b9f31df3d024d162e122fec7b3f1ba3a234ad'
+
+config peer 'monitoring'
+        option remote 'ipv4 "monitoring.chaosnetz.org" port 10000'
+        option enabled '1'
+        option net 'backbone'
+        option key '0e93719bfe27d513f298699c21e37aaa13dbded778a2e70965692ff226c8cdd7'
+
+config fastd 'backbone'
+        option enabled '<%= @node['backbone_vpn'] %>'
+	option syslog_level 'warn'
+	option mode 'tap'
+	option interface 'fastd_bb'
+	option mtu '1426'
+	option forward '0'
+	option secure_handshakes '1'
+	list method 'salsa2012+umac'
+	option secret 'generate'
+
+config peer 'omni'
+        option remote 'ipv4 "omni.freifunk-koeln.de" port 10000'
+        option enabled '1'
+        option net 'fastd_exit'
+        option key '6f672534c14ef97ac242a6c0f7157aefda5364f9340aad06a0b5f21d8d291f41'
+
+config peer 'yagi'
+        option remote 'ipv4 "yagi.freifunk-koeln.de" port 10000'
+        option enabled '0'
+        option net 'fastd_exit'
+        option key 'e450da256d381e2d2a89f74a88509a59c6729738be0f6c0d987139e8e42bfc4c'
+
+config fastd 'fastd_exit'
+        option enabled '<%= @node["fastd_exit"] %>'
+        option syslog_level 'warn'
+        option mode 'tap'
+        option interface 'fastd_exit'
+        option mtu '1426'
+        option forward '0'
+        option secure_handshakes '1'
+        list method 'salsa2012+umac'
+        option secret 'generate'
+