docs, config and ansible stuff for the "Erstaufnahmeeinrichtung Am Deutschen Platz"
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Gregor Michels f481f91e5f incident - 2022.07.23: update regarding facility access 3 weeks ago
ansible-environment add venv for ansible 2 months ago
documentation incident - 2022.07.23: update regarding facility access 3 weeks ago
files wifi.lua: add wifi_clients metric 4 weeks ago
password-store pass: add entry for gigacube-E950 3 weeks ago
templates monitoring: fix prometheus instance generation from inventory 1 month ago
.gitignore add a way to build an offline copy of the documentation 2 months ago README: fix documentation link 2 months ago
ansible-environment.txt venv: upgrade to ansible 6.1.0 4 weeks ago
ansible-inventory rename some ansible files/directories 2 months ago
ansible.cfg rename some ansible files/directories 2 months ago
environment environment: also configure http(s) proxy and enter python venv 2 months ago
playbook_create_ssh_config.yml playbook_create_ssh_config: make jumphosts possible 2 months ago
playbook_distribute_authorized_keys.yml playbook_distribute_authorized_keys: make available on all platforms! 2 months ago
playbook_provision_accesspoints.yml accesspoints: add wifi clients metrics into prometheus 4 weeks ago
playbook_provision_backbone.yml poc for tunnel provisioning 2 months ago
playbook_provision_eap-adp-jump01.yml eae-adp-jump01: install prometheus node_exporter 2 months ago
playbook_provision_hyper01.yml add playbook_provision_hyper01 2 months ago
playbook_provision_monitoring.yml monitoring: rename ansible install prometheus task 1 month ago

Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz

This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"

this is a work in progress



  • pass (password manager)
  • pandoc (offline documentation generation)
  • python3 (ansible)
  • python3-venv (ansible)
  • rsync (ansible)

Initial Setup

  1. install requirements
  2. clone repo and change directory: git clone && cd ffl-aea-adp
  3. create python3 virtual enviroment: python3 -m venv ansible-environment
  4. enter python3 virtual environment: . ansible-environment/bin/activate
  5. install ansible and dependencies: pip3 install -r ansible-environment.txt
  6. import all gpg keys for pass: gpg --import files/gpg/*
  7. trust all imported gpg keys: gpg --edit-key <id> with trust and 5 for every key
  8. create ssh_config with all hosts: ansible-playbook playbook_create_ssh_config.yml (use -e jumphost=eae-adp-jump01 to configure ssh to use eae-adp-jump01 as the jump host)
  9. leave python3 virtual environment: deactivate

Daily Usage

Before doing enything you need to enter the environment: . environment

After using playbook_create_ssh_config.yml you can call ssh simply with the name of the machine (ie. ssh gw-core01). The ssh_config file is generated from the ansible-inventory. Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.

Passwords managed using pass. Simply call pass after sourcing the environment.


  • environment: configure environment (path to pass store, http(s) socks proxy and python venv for ansible)
  • playbook_create_ssh_config.yml: playbook to create an additional ssh_config file (.ssh/ffl_eae_adp_config) that get's included in the default ssh_config
  • playbook_distribute_authorized_keys.yml: deploy files/authorized_keys on all machines
  • playbook_provision_accesspoints.yml: configure accesspoints
  • playbook_provision_backbone.yml: configure wg tunnel and ospf link between gw-core01 and eae-adp-jump01
  • playbook_provision_eap-adp-jump01.yml: general system configuration for eae-adp-jump01 (monitoring, routing, ...)
  • playbook_provision_hyper01.yml: general system configuration for hyper01 and create vms/containers
  • playbook_provision_monitoring.yml: configure and install prometheus and grafana on monitoring01