91222f2610 | ||
---|---|---|
.. | ||
README.md |
README.md
Doku: EAE - Am deutschen Platz
eae-adp.freifunk-leipzig.de
:
gw-core01
sw-access01
sw-access02
hyper01
monitoring01
ap-xxxx
Hardware:
Typ | Manufacturer | Model | Count | Description |
---|---|---|---|---|
Access Point | Aruba | AP-105 | 8x | |
Switch | Zyxel | GS1800-8HP | 2x | |
Router | Ubiquiti | EdgeRouter-X | 1x | |
"Server" | Lenovo | ThinkCentre ... | 1x |
Cloud:
VM Name | IPv4 | IPv6 | Location | Provider | Type | Description |
---|---|---|---|---|---|---|
eap-adp-jump01 |
162.55.53.85 |
2a01:4f8:c0c:1281::/64 |
Germany - Nuerenberg - DC3 | Hetzner | CX11 | vpn and jump host for remote access |
Networks:
Name | VLAN | v4 Space | v6 Space | Description |
---|---|---|---|---|
mgmt |
1 | 10.84.1.0/24 |
/ | default network which is used for administrative and monitoring tasks |
clients |
2 | 10.84.2.0/22 |
/ | this is where the wifi clients live |
GIGACUBE |
/ | 192.168.8.0/24 |
/ | created by the gigacube. wan for our gateway |
IPAM:
IP | MAC | Device | Description |
---|---|---|---|
10.84.1.1/24 |
78:8a:20:bd:b6:ae |
gw-core01 |
|
10.84.1.10/24 |
bc:cf:4f:e3:bb:8d |
sw-access01 |
|
10.84.1.11/24 |
bc:cf:4f:e3:ac:39 |
sw-access02 |
|
10.84.1.21/24 |
hyper01 |
||
10.84.1.30/24 |
24:de:c6:cc:2b:bf |
ap-2bbf |
|
10.84.1.31/24 |
24:de:c6:c3:ac:7c |
ap-ac7c |
|
10.84.1.32/24 |
6c:f3:7f:c9:0b:99 |
ap-0b99 |
|
10.84.1.33/24 |
ac:a3:1e:cf:c5:d1 |
ap-c5d1 |
|
10.84.1.34/24 |
ac:a3:1e:cf:c4:95 |
ap-c495 |
|
10.84.1.35/24 |
18:64:72:cf:1a:38 |
ap-1a38 |
|
10.84.1.36/24 |
d8:c7:c8:c2:8f:42 |
ap-8f42 |
|
10.84.1.37/24 |
00:24:6c:c8:8f:39 |
ap-8f39 |
SSH-Hostkeys:
Configuration:
sw-access0{1-2}
OS:
OpenWrt 21.02.3
- custom build with garet
- profile:
zyxel-gs1900-8hp_21.02.3
- commit:
31b86557add49187a2ee161465b51fe120076a3c
Config:
- configure
sw-access01
:
uci batch << EOF
# configure hostname
set system.@system[0].hostname=sw-access01
# configure mgmt ip
set network.mgmt.ipaddr=10.84.1.11
EOF
- configure
sw-access02
:
uci batch << EOF
# configure hostname
set system.@system[0].hostname=sw-access02
# configure mgmt ip
set network.mgmt.ipaddr=10.84.1.12
EOF
- finish config on both nodes:
# configure root password
passwd
uci batch << EOF
# configure mgmt ip
set network.mgmt.proto=static
set network.mgmt.netmask=255.255.255.0
set network.mgmt.gateway=10.84.1.1
add_list network.mgmt.dns=10.84.1.1
# create clients vlan for switch
set network.clients_vlan=bridge-vlan
set network.clients_vlan.device=switch
set network.clients_vlan.vlan=2
set network.clients_vlan.ports="lan1:t lan2:t lan3:t lan4:t lan5:t lan6:t lan7:t lan8:t"
EOF
uci commit
/etc/init.d/system reload
/etc/init.d/network reload
ap-xxxx
OS:
OpenWrt 21.02.3
- custom build with garet
- profile:
aruba-ap-105_21.02.3
- commit:
18ced036173a23280efd3b87df06ccaa46eb9a04
- initially configure password and ip for every ap:
passwd
uci batch << EOF
set network.mgmt.proto=static
set network.mgmt.ipaddr=10.84.1.37
set network.mgmt.netmask=255.255.255.0
set network.mgmt.gateway=10.84.1.1
add_list network.mgmt.dns=10.84.1.1
EOF
uci commit network
/etc/init.d/network reload
- configure network via
playbook_provision_aps.yml
hyper01
OS:
- Proxmox VE 7.2-1
Installation Questions:
- Proxmox Virtual Environment (PVE)
- Target Harddrive: Options
- Filesystem:
zfs (RAID0)
- Disk Setup
- Harddisk 0: /dev/sda (300GB)
- Advanced Options:
- copies: 2
- Filesystem:
- Location and Time Zone selection:
- Country: Germany
- Time zone: Europe/Berlin
- Keyboard Layout: German
- Administration Password and Email Address
- Password:
pass EAE_Am-Deutschen-Platz/hyper01
- EMail:
info@freifunk-leipzig.de
- Password:
- Mangement Network Configuration
- Management Interface:
enp2s0
- Hostname (FQDN):
hyper01.eae-adp.freifunk-leipzig.de
- IP Address (CIDR):
10.84.1.21/24
- Gateway:
10.84.1.1
- DNS Server:
10.84.1.1
- Management Interface:
eap-adp-jump01
OS:
- OpenBSD 7.1
Installation:
- with full disk encryption: https://www.openbsd.org/faq/faq14.html#softraidFDE
- via autoinstall
- boot into OpenBSD iso
- type s to open the shell after booting
Welcome to the OpenBSD/amd64 7.1 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell?
- create encrypted drive
# cd /dev && sh MAKEDEV sd0
# dd if=/dev/urandom of=/dev/rsd0c bs=1m
# fdisk -iy sd0
# disklabel -E sd0
[...]
> a a
> 64
> *
> RAID
> w
> q
# bioctl -c C -l sd0a softraid0
[...]
passphrase
passphrase again
# cd /dev && sh MAKEDEV sd1
# dd if=/dev/zero of=/dev/rsd1c bs=1m count=1
- execute autoinstall
# cd /
# ftp https://git.sr.ht/~hirnpfirsich/ffl-eae-adp/blob/master/files/eae-adp-jump01.install.conf
# install -a -f eae-adp-jump01.install.conf
[...]
# reboot