Freifunk-Leipzig
/
eae-am-deutschen-platz
13
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
docs, config and ansible stuff for the "Erstaufnahmeeinrichtung Am Deutschen Platz"
131 Commits 4 Branches 0 Tags 2.3 MiB
Jinja 63.8%
Lua 20.2%
Shell 16%
Go to file
Gregor Michels 4a784df86c add submodule "gekmihesg.openwrt" 
to be able to provision the switches (sadly not enough rom for python)
 		2022-11-03 00:07:31 +01:00
ansible-environment add venv for ansible 2022-07-03 01:24:40 +02:00
documentation incident 024: include openwrt version header 2022-10-24 02:37:16 +02:00
files monitoring: add alarm "PublicWifiUpstreamLost" 2022-10-19 02:05:32 +02:00
firmware playbook_sysupgrade.yml: add empty firmware directory into vcs 2022-11-02 23:53:07 +01:00
password-store correct gigacube doc and pw entry 2022-10-24 02:21:04 +02:00
roles add submodule "gekmihesg.openwrt" 2022-11-03 00:07:31 +01:00
templates monitoring: remove non-dns e2e test 2022-10-19 02:01:08 +02:00
.gitignore add a way to build an offline copy of the documentation 2022-07-03 02:13:11 +02:00
.gitmodules add submodule "gekmihesg.openwrt" 2022-11-03 00:07:31 +01:00
README.md README: fix documentation link 2022-07-03 03:27:37 +02:00
ansible-environment.txt venv: upgrade to ansible 6.1.0 2022-07-24 17:09:57 +02:00
ansible-inventory gateways: define garet profile and release 2022-10-24 01:41:22 +02:00
ansible.cfg rename some ansible files/directories 2022-07-03 02:07:50 +02:00
environment environment: also configure http(s) proxy and enter python venv 2022-07-03 02:07:50 +02:00
playbook_create_ssh_config.yml playbook_create_ssh_config: fix indentation of 'ProxyJump' 2022-09-28 00:49:10 +02:00
playbook_distribute_authorized_keys.yml playbook_distribute_authorized_keys: also set root pw on gw and aps 2022-09-28 00:47:14 +02:00
playbook_provision_accesspoints.yml playbook_provision_accesspoints: remove unnecessary statements 2022-10-01 20:34:49 +02:00
playbook_provision_backbone.yml playbook_provision_backbone: remove tunnel configuration for gw-core01 2022-09-26 00:34:07 +02:00
playbook_provision_eap-adp-jump01.yml monitoring: move node exporter installation into single task 2022-09-14 02:26:27 +02:00
playbook_provision_gateway.yml new playbook 'playbook_provision_gateway.yml' 2022-09-26 00:34:06 +02:00
playbook_provision_hypervisor.yml rename playbook_provision_hyper01 -> playbook_provision_hypervisor 2022-09-14 03:01:41 +02:00
playbook_provision_monitoring.yml incident 017: add another icmp probe `mon-e2e-wan01` 2022-09-15 02:02:22 +02:00
playbook_sysupgrade.yml playbook_sysupgrade: extend fw upgrade automation onto gateways 2022-10-24 01:40:41 +02:00

README.md

Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz

This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"

this is a work in progress

Quick Links

Usage

Requirements

  • pass (password manager)
  • pandoc (offline documentation generation)
  • python3 (ansible)
  • python3-venv (ansible)
  • rsync (ansible)

Initial Setup

  1. install requirements
  2. clone repo and change directory: git clone https://git.sr.ht/~hirnpfirsich/ffl-eae-adp && cd ffl-aea-adp
  3. create python3 virtual enviroment: python3 -m venv ansible-environment
  4. enter python3 virtual environment: . ansible-environment/bin/activate
  5. install ansible and dependencies: pip3 install -r ansible-environment.txt
  6. import all gpg keys for pass: gpg --import files/gpg/*
  7. trust all imported gpg keys: gpg --edit-key <id> with trust and 5 for every key
  8. create ssh_config with all hosts: ansible-playbook playbook_create_ssh_config.yml (use -e jumphost=eae-adp-jump01 to configure ssh to use eae-adp-jump01 as the jump host)
  9. leave python3 virtual environment: deactivate

Daily Usage

Before doing enything you need to enter the environment: . environment

After using playbook_create_ssh_config.yml you can call ssh simply with the name of the machine (ie. ssh gw-core01). The ssh_config file is generated from the ansible-inventory. Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.

Passwords managed using pass. Simply call pass after sourcing the environment.

Descriptions

  • environment: configure environment (path to pass store, http(s) socks proxy and python venv for ansible)
  • playbook_create_ssh_config.yml: playbook to create an additional ssh_config file (.ssh/ffl_eae_adp_config) that get's included in the default ssh_config
  • playbook_distribute_authorized_keys.yml: deploy files/authorized_keys on all machines
  • playbook_provision_accesspoints.yml: configure accesspoints
  • playbook_provision_backbone.yml: configure wg tunnel and ospf link between gw-core01 and eae-adp-jump01
  • playbook_provision_eap-adp-jump01.yml: general system configuration for eae-adp-jump01 (monitoring, routing, ...)
  • playbook_provision_hyper01.yml: general system configuration for hyper01 and create vms/containers
  • playbook_provision_monitoring.yml: configure and install prometheus and grafana on monitoring01