Mapserver: fastd + batman-adv + radvd
This commit is contained in:
commit
1c88ead09a
|
@ -0,0 +1 @@
|
||||||
|
/envfile
|
|
@ -0,0 +1,18 @@
|
||||||
|
# Ein vollständiger Kartenserver für Freifunk-Leipzig
|
||||||
|
|
||||||
|
## Architektur
|
||||||
|
|
||||||
|
### fastd
|
||||||
|
|
||||||
|
Der fastd-Container verbindet sich mit ein oder mehreren peers im
|
||||||
|
Freifunk-Netz uvia fastd und startet batman-adv, um das peering herzustellen.. Über diese Verbindung können IPV6-Broadcasts der Knoten empfangen werden, über die die Kartendaten zusammengestellt werden.
|
||||||
|
|
||||||
|
Umgebungsvariablen:
|
||||||
|
|
||||||
|
* FASTD_MTU (benötigt): MTU der fastd-Verbindung
|
||||||
|
* FASTD_PEER1_NAME (default: peer1): Name des ersten peers
|
||||||
|
* FASTD_PEER1_REMOTE (benötigt): Remote-Adresse des Peers in fastd Syntax, z.B. `"gluon20162a61.leipzig.freifunk.net" port 1006`
|
||||||
|
* FASTD_PEER1_KEY (benötigt): öffentlicher Schlüssel des Peers
|
||||||
|
* FASTD_PEER`n`_NAME (optional): weitere Peers (fortlaufend numeriert)
|
||||||
|
* FASTD_LOG_LEVEL (default: info)
|
||||||
|
* IPV6_PREFIX (optional): Prefix für radvd, nötig um hosts im Netz über ihre nicht-link-lokale IPv6 anzupingen. z.B. `fdef:ffc0:7030::/64`
|
|
@ -0,0 +1,11 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
version: '3.4'
|
||||||
|
services:
|
||||||
|
fastd:
|
||||||
|
build: ./fastd
|
||||||
|
env_file: envfile
|
||||||
|
privileged: true # required to create the tap device
|
||||||
|
sysctls:
|
||||||
|
net.ipv6.conf.all.disable_ipv6: 0 # enable ipv6 withn container
|
||||||
|
stop_grace_period: 0s
|
|
@ -0,0 +1,20 @@
|
||||||
|
# Example configuration. Copy to "envfile" and modify to your needs
|
||||||
|
|
||||||
|
# Fastd settings
|
||||||
|
FASTD_MTU=1426
|
||||||
|
|
||||||
|
FASTD_PEER1_NAME=vpngluon1
|
||||||
|
FASTD_PEER1_REMOTE="gluon1.leipzig.freifunk.net" port 10061
|
||||||
|
FASTD_PEER1_KEY=1111111111111111111111111111111111111111111111111111111111111111
|
||||||
|
|
||||||
|
|
||||||
|
FASTD_PEER1_NAME=vpngluon2
|
||||||
|
FASTD_PEER1_REMOTE="gluon2.leipzig.freifunk.net" port 10061
|
||||||
|
FASTD_PEER1_KEY=1111111111111111111111111111111111111111111111111111111111111111
|
||||||
|
|
||||||
|
|
||||||
|
FASTD_PEER1_NAME=vpngluon3
|
||||||
|
FASTD_PEER1_REMOTE="gluon3.leipzig.freifunk.net" port 10061
|
||||||
|
FASTD_PEER1_KEY=1111111111111111111111111111111111111111111111111111111111111111
|
||||||
|
|
||||||
|
IPV6_PREFIX=fdef:ffc0:7030::/64
|
|
@ -0,0 +1,12 @@
|
||||||
|
FROM debian:bullseye-backports
|
||||||
|
|
||||||
|
RUN apt-get update && \
|
||||||
|
apt-get -y --no-install-recommends install \
|
||||||
|
fastd batctl iproute2 \
|
||||||
|
net-tools inetutils-ping procps \
|
||||||
|
radvd radvdump tcpdump ndisc6 \
|
||||||
|
bash curl
|
||||||
|
|
||||||
|
ADD entrypoint.sh /entrypoint.sh
|
||||||
|
|
||||||
|
CMD /entrypoint.sh
|
|
@ -0,0 +1,71 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# check required env variables
|
||||||
|
: "${FASTD_MTU:? must be set}"
|
||||||
|
: "${FASTD_PEER1_REMOTE:? must be set}"
|
||||||
|
: "${FASTD_PEER1_KEY:? must be set}"
|
||||||
|
|
||||||
|
# set some defaults
|
||||||
|
: "${FASTD_LOG_LEVEL:=info}"
|
||||||
|
|
||||||
|
mkdir -p /config/fastd/peers
|
||||||
|
cat << EOF > /config/fastd/fastd.conf
|
||||||
|
log level ${FASTD_LOG_LEVEL};
|
||||||
|
bind any:10061;
|
||||||
|
mode tap;
|
||||||
|
interface "mesh-vpn";
|
||||||
|
method "salsa2012+umac";
|
||||||
|
method "salsa2012+gmac";
|
||||||
|
method "null+salsa2012+umac";
|
||||||
|
method "null";
|
||||||
|
mtu ${FASTD_MTU};
|
||||||
|
secret "$( fastd --generate-key 2>/dev/null | grep -e Secret | awk '{ print $2 }' )";
|
||||||
|
on up "
|
||||||
|
ip link set up dev mesh-vpn
|
||||||
|
batctl if add mesh-vpn
|
||||||
|
ifconfig bat0 up
|
||||||
|
$( -z "${IPV6_PREFIX}" || echo "radvd -C /config/radvd.conf" )
|
||||||
|
";
|
||||||
|
include peers from "peers";
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# generate peers
|
||||||
|
i=1
|
||||||
|
while true; do
|
||||||
|
r="FASTD_PEER${i}_REMOTE"
|
||||||
|
k="FASTD_PEER${i}_KEY"
|
||||||
|
n="FASTD_PEER${i}_NAME"
|
||||||
|
if [ -z "${!r}${!k}${!n}" ]; then
|
||||||
|
# break after last defined peer
|
||||||
|
break;
|
||||||
|
fi
|
||||||
|
name=${!n:-peer$[i]}
|
||||||
|
remote=${!r}
|
||||||
|
key=${!k}
|
||||||
|
: ${remote:? ${r} must be set}
|
||||||
|
: ${key:? ${k} must be set}
|
||||||
|
|
||||||
|
cat << EOF > "config/fastd/peers/${name}"
|
||||||
|
key "${key}";
|
||||||
|
remote ${remote};
|
||||||
|
EOF
|
||||||
|
|
||||||
|
i=$(( i + 1 ))
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ ! -z "${IPV6_PREFIX}" ]; then
|
||||||
|
cat << EOF > "config/radvd.conf"
|
||||||
|
interface bat0
|
||||||
|
{
|
||||||
|
AdvSendAdvert on;
|
||||||
|
prefix fdef:ffc0:7030::/64 {
|
||||||
|
AdvOnLink on;
|
||||||
|
AdvAutonomous on;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec fastd --config /config/fastd/fastd.conf
|
Reference in New Issue