eae-am-deutschen-platz/README.md

# Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz

This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"

---

**this is a work in progress**

---

## Quick Links

* [Documentation](documentation/MAIN.md)
* [Incidents](documentation/INCIDENTS.md)
* [Todo](documentation/TODO.md)

## Usage

### Requirements

* `pass`         (password manager)
* `pandoc`       (offline documentation generation)
* `python3`      (ansible)
* `python3-venv` (ansible)
* `rsync`        (ansible)

### Initial Setup

0. install requirements
1. clone repo and change directory:    `git clone https://git.sr.ht/~hirnpfirsich/ffl-eae-adp && cd ffl-aea-adp`
2. create python3 virtual enviroment:  `python3 -m venv ansible-environment`
3. enter python3 virtual environment:  `. ansible-environment/bin/activate`
4. install ansible and dependencies:   `pip3 install -r ansible-environment.txt`
5. import all gpg keys for `pass`:     `gpg --import files/gpg/*`
6. trust all imported gpg keys:        `gpg --edit-key <id>` with `trust` and `5` for every key
7. create `ssh_config` with all hosts: `ansible-playbook playbook_create_ssh_config.yml` (use `-e jumphost=eae-adp-jump01` to configure ssh to use `eae-adp-jump01` as the jump host)
8. leave python3 virtual environment:  `deactivate`

### Daily Usage

Before doing enything you need to enter the environment: `. environment`

After using `playbook_create_ssh_config.yml` you can call `ssh` simply with the name of the machine (ie. `ssh gw-core01`).
The `ssh_config` file is generated from the `ansible-inventory`.
Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.

Passwords managed using `pass`. Simply call `pass` after sourcing the environment.

### Descriptions

* `environment`:                             configure environment (path to `pass` store, http(s) socks proxy and python venv for ansible)
* `playbook_create_ssh_config.yml`:          playbook to create an additional `ssh_config` file (`.ssh/ffl_eae_adp_config`) that get's included in the default `ssh_config`
* `playbook_distribute_authorized_keys.yml`: deploy `files/authorized_keys` on all machines
* `playbook_provision_accesspoints.yml`:     configure accesspoints
* `playbook_provision_backbone.yml`:         configure wg tunnel and ospf link between `gw-core01` and `eae-adp-jump01`
* `playbook_provision_eap-adp-jump01.yml`:   general system configuration for `eae-adp-jump01` (monitoring, routing, ...)
* `playbook_provision_hyper01.yml`:          general system configuration for `hyper01` and create vms/containers
* `playbook_provision_monitoring.yml`:       configure and install prometheus and grafana on `monitoring01`
add README.md 2022-06-30 23:48:44 +00:00			`# Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz`

			`This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"`

			`---`

cleanup README 2022-07-03 00:41:50 +00:00			`this is a work in progress`
add README.md 2022-06-30 23:48:44 +00:00
			`---`

cleanup README 2022-07-03 00:41:50 +00:00			`## Quick Links`
add README.md 2022-06-30 23:48:44 +00:00
README: fix documentation link Fixes: d4b3b616a53ab14ef149b04489a51904e5f378af 2022-07-03 01:27:31 +00:00			`* [Documentation](documentation/MAIN.md)`
documentation: fix style of link list 2022-07-01 00:01:42 +00:00			`* [Incidents](documentation/INCIDENTS.md)`
documentation: first rework * split-off overview and configuration * add eae-adp-jump01 into diagram * mention ospf link between gw-core01 and eae-adp-jump01 2022-07-03 01:25:42 +00:00			`* [Todo](documentation/TODO.md)`
cleanup README 2022-07-03 00:41:50 +00:00
			`## Usage`

			`### Requirements`

			* `pass` (password manager)
			* `pandoc` (offline documentation generation)
			* `python3` (ansible)
			* `python3-venv` (ansible)
			* `rsync` (ansible)

			`### Initial Setup`

			`0. install requirements`
			1. clone repo and change directory: `git clone https://git.sr.ht/~hirnpfirsich/ffl-eae-adp && cd ffl-aea-adp`
			2. create python3 virtual enviroment: `python3 -m venv ansible-environment`
			3. enter python3 virtual environment: `. ansible-environment/bin/activate`
			4. install ansible and dependencies: `pip3 install -r ansible-environment.txt`
			5. import all gpg keys for `pass`: `gpg --import files/gpg/*`
			6. trust all imported gpg keys: `gpg --edit-key <id>` with `trust` and `5` for every key
			7. create `ssh_config` with all hosts: `ansible-playbook playbook_create_ssh_config.yml` (use `-e jumphost=eae-adp-jump01` to configure ssh to use `eae-adp-jump01` as the jump host)
			8. leave python3 virtual environment: `deactivate`

			`### Daily Usage`

			Before doing enything you need to enter the environment: `. environment`

			After using `playbook_create_ssh_config.yml` you can call `ssh` simply with the name of the machine (ie. `ssh gw-core01`).
			The `ssh_config` file is generated from the `ansible-inventory`.
			`Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.`

			Passwords managed using `pass`. Simply call `pass` after sourcing the environment.

			`### Descriptions`

			* `environment`: configure environment (path to `pass` store, http(s) socks proxy and python venv for ansible)
			* `playbook_create_ssh_config.yml`: playbook to create an additional `ssh_config` file (`.ssh/ffl_eae_adp_config`) that get's included in the default `ssh_config`
			* `playbook_distribute_authorized_keys.yml`: deploy `files/authorized_keys` on all machines
			* `playbook_provision_accesspoints.yml`: configure accesspoints
			* `playbook_provision_backbone.yml`: configure wg tunnel and ospf link between `gw-core01` and `eae-adp-jump01`
			* `playbook_provision_eap-adp-jump01.yml`: general system configuration for `eae-adp-jump01` (monitoring, routing, ...)
			* `playbook_provision_hyper01.yml`: general system configuration for `hyper01` and create vms/containers
			* `playbook_provision_monitoring.yml`: configure and install prometheus and grafana on `monitoring01`