docs, config and ansible stuff for the "Erstaufnahmeeinrichtung Am Deutschen Platz"
migriert zu https://gitlab.dezentrale.space/freifunk-leipzig/eae-am-deutschen-platz
6d30cf07da
Fixes:
|
||
---|---|---|
ansible-environment | ||
documentation | ||
files | ||
firmware | ||
password-store | ||
roles | ||
templates | ||
.gitignore | ||
.gitmodules | ||
README.md | ||
ansible-environment.txt | ||
ansible-inventory | ||
ansible.cfg | ||
environment | ||
playbook_create_ssh_config.yml | ||
playbook_create_switch_configs_stock.yml | ||
playbook_distribute_authorized_keys.yml | ||
playbook_provision_accesspoints.yml | ||
playbook_provision_backbone.yml | ||
playbook_provision_eae-adp-jump01.yml | ||
playbook_provision_gateway.yml | ||
playbook_provision_hypervisor.yml | ||
playbook_provision_monitoring.yml | ||
playbook_provision_switches.yml | ||
playbook_sysupgrade.yml |
README.md
Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz
This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"
this is a work in progress
Quick Links
Usage
Requirements
pass
(password manager)pandoc
(offline documentation generation)python3
(ansible)python3-venv
(ansible)rsync
(ansible)
Initial Setup
- install requirements
- clone repo and change directory:
git clone https://git.sr.ht/~hirnpfirsich/ffl-eae-adp && cd ffl-aea-adp
- create python3 virtual enviroment:
python3 -m venv ansible-environment
- enter python3 virtual environment:
. ansible-environment/bin/activate
- install ansible and dependencies:
pip3 install -r ansible-environment.txt
- import all gpg keys for
pass
:gpg --import files/gpg/*
- trust all imported gpg keys:
gpg --edit-key <id>
withtrust
and5
for every key - create
ssh_config
with all hosts:ansible-playbook playbook_create_ssh_config.yml
(use-e jumphost=eae-adp-jump01
to configure ssh to useeae-adp-jump01
as the jump host) - leave python3 virtual environment:
deactivate
Daily Usage
Before doing enything you need to enter the environment: . environment
After using playbook_create_ssh_config.yml
you can call ssh
simply with the name of the machine (ie. ssh gw-core01
).
The ssh_config
file is generated from the ansible-inventory
.
Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.
Passwords managed using pass
. Simply call pass
after sourcing the environment.
Descriptions
environment
: configure environment (path topass
store, http(s) socks proxy and python venv for ansible)playbook_create_ssh_config.yml
: playbook to create an additionalssh_config
file (.ssh/ffl_eae_adp_config
) that get's included in the defaultssh_config
playbook_distribute_authorized_keys.yml
: deployfiles/authorized_keys
on all machinesplaybook_provision_accesspoints.yml
: configure accesspointsplaybook_provision_backbone.yml
: configure wg tunnel and ospf link betweengw-core01
andeae-adp-jump01
playbook_provision_eap-adp-jump01.yml
: general system configuration foreae-adp-jump01
(monitoring, routing, ...)playbook_provision_hyper01.yml
: general system configuration forhyper01
and create vms/containersplaybook_provision_monitoring.yml
: configure and install prometheus and grafana onmonitoring01