Freifunk-Leipzig
/
eae-am-deutschen-platz
13
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
docs, config and ansible stuff for the "Erstaufnahmeeinrichtung Am Deutschen Platz"
149 Commits
4 Branches
0 Tags
2.3 MiB
Jinja 63.8%
Lua 20.2%
Shell 16%
 
 
 
Go to file
Gregor Michels 8d4fc76a81 playbook_provision_backbone: configure backbone for ffl-ans-gw-core01 2022-11-10 02:06:52 +01:00
ansible-environment add venv for ansible 2022-07-03 01:24:40 +02:00
documentation incident 024: include openwrt version header 2022-10-24 02:37:16 +02:00
files playbook_provision_backbone: configure backbone for ffl-ans-gw-core01 2022-11-10 02:06:52 +01:00
firmware playbook_sysupgrade.yml: add empty firmware directory into vcs 2022-11-02 23:53:07 +01:00
password-store pass: add wireguard keys for ffl-ans-gw-core01 backbone 2022-11-10 02:05:49 +01:00
roles add submodule "gekmihesg.openwrt" 2022-11-03 00:07:31 +01:00
templates playbook_provision_backbone: configure backbone for ffl-ans-gw-core01 2022-11-10 02:06:52 +01:00
.gitignore new playbook: playbook_create_switch_configs_stock for ans 2022-11-10 00:29:44 +01:00
.gitmodules add submodule "gekmihesg.openwrt" 2022-11-03 00:07:31 +01:00
README.md README: fix documentation link 2022-07-03 03:27:37 +02:00
ansible-environment.txt venv: upgrade to ansible 6.1.0 2022-07-24 17:09:57 +02:00
ansible-inventory add ffl-ans-gw-core01 2022-11-10 01:57:56 +01:00
ansible.cfg rename some ansible files/directories 2022-07-03 02:07:50 +02:00
environment environment: also configure http(s) proxy and enter python venv 2022-07-03 02:07:50 +02:00
playbook_create_ssh_config.yml playbook_create_ssh_config: fix indentation of 'ProxyJump' 2022-09-28 00:49:10 +02:00
playbook_create_switch_configs_stock.yml new playbook: playbook_create_switch_configs_stock for ans 2022-11-10 00:29:44 +01:00
playbook_distribute_authorized_keys.yml playbook_distribute_authorized_keys: also set root pw on gw and aps 2022-09-28 00:47:14 +02:00
playbook_provision_accesspoints.yml wifi: site specific settings 2022-11-09 00:21:17 +01:00
playbook_provision_backbone.yml playbook_provision_backbone: configure backbone for ffl-ans-gw-core01 2022-11-10 02:06:52 +01:00
playbook_provision_eap-adp-jump01.yml monitoring: move node exporter installation into single task 2022-09-14 02:26:27 +02:00
playbook_provision_gateway.yml playbook_provision_gateway: move config files into host specific dir 2022-11-10 01:30:26 +01:00
playbook_provision_hypervisor.yml rename playbook_provision_hyper01 -> playbook_provision_hypervisor 2022-09-14 03:01:41 +02:00
playbook_provision_monitoring.yml incident 017: add another icmp probe `mon-e2e-wan01` 2022-09-15 02:02:22 +02:00
playbook_provision_switches.yml new playbook 'playbook_provision_switches' 2022-11-03 00:15:05 +01:00
playbook_sysupgrade.yml playbook_sysupgrade: extend fw upgrade automation onto gateways 2022-10-24 01:40:41 +02:00

README.md

Freifunk Leipzig - Erstaufnahme Einrichtung - Am Deutschen Platz

This repo contains the config and documentation for our installation at the "Erstaufnahme Einrichtung - Am Deutschen Platz"

this is a work in progress

Quick Links

Usage

Requirements

  • pass (password manager)
  • pandoc (offline documentation generation)
  • python3 (ansible)
  • python3-venv (ansible)
  • rsync (ansible)

Initial Setup

  1. install requirements
  2. clone repo and change directory: git clone https://git.sr.ht/~hirnpfirsich/ffl-eae-adp && cd ffl-aea-adp
  3. create python3 virtual enviroment: python3 -m venv ansible-environment
  4. enter python3 virtual environment: . ansible-environment/bin/activate
  5. install ansible and dependencies: pip3 install -r ansible-environment.txt
  6. import all gpg keys for pass: gpg --import files/gpg/*
  7. trust all imported gpg keys: gpg --edit-key <id> with trust and 5 for every key
  8. create ssh_config with all hosts: ansible-playbook playbook_create_ssh_config.yml (use -e jumphost=eae-adp-jump01 to configure ssh to use eae-adp-jump01 as the jump host)
  9. leave python3 virtual environment: deactivate

Daily Usage

Before doing enything you need to enter the environment: . environment

After using playbook_create_ssh_config.yml you can call ssh simply with the name of the machine (ie. ssh gw-core01). The ssh_config file is generated from the ansible-inventory. Should something in the inventory change or you want to use/change the jumphost simply reexecute the playbook.

Passwords managed using pass. Simply call pass after sourcing the environment.

Descriptions

  • environment: configure environment (path to pass store, http(s) socks proxy and python venv for ansible)
  • playbook_create_ssh_config.yml: playbook to create an additional ssh_config file (.ssh/ffl_eae_adp_config) that get's included in the default ssh_config
  • playbook_distribute_authorized_keys.yml: deploy files/authorized_keys on all machines
  • playbook_provision_accesspoints.yml: configure accesspoints
  • playbook_provision_backbone.yml: configure wg tunnel and ospf link between gw-core01 and eae-adp-jump01
  • playbook_provision_eap-adp-jump01.yml: general system configuration for eae-adp-jump01 (monitoring, routing, ...)
  • playbook_provision_hyper01.yml: general system configuration for hyper01 and create vms/containers
  • playbook_provision_monitoring.yml: configure and install prometheus and grafana on monitoring01