Removed predefined env file, some refactoring

main
Alexander Böhm 2022-04-11 18:01:29 +02:00
parent 8d98a11c13
commit b81ee39634
7 changed files with 117 additions and 24 deletions

10
.env

@ -1,6 +1,6 @@
BATMAN_BRIDGE_IPV4=172.29.0.1/24
BATMAN_BRIDGE_IPV6=fc00:1234:5678::1/24
BATMAN_BRIDGE=br-batman0
BATMAN_IPV4=172.29.0.1/24
BATMAN_IPV6=fc00:1234:5678::1/24
BATMAN_BRIDGE=batman0
BATMAN_FORWARD_GATEWAY4=172.28.0.2
BATMAN_FORWARD_GATEWAY6=fc00:172:28::2
BATMAN_LIMIT_DOWNLOAD=1000
@ -22,9 +22,9 @@ DHCPD_V4_RANGE=172.29.0.16 172.29.0.32
DHCPD_V4_GATEWAY=172.29.0.1
DHCPD_V6_NET=fc00:1234:5678::/64
DHCPD_V6_RANGE=fc00:1234:5678::1000 fc00:1234:5678::1fff
DHCPD_INTERFACE=br-batman0
DHCPD_INTERFACE=batman0
RADVD_INTERFACE=br-batman0
RADVD_INTERFACE=batman0
RADVD_PREFIX=fc00:1234:5678::/64
RADVD_SOURCE_LL_ADDRESS=on
RADVD_ADV_MANAGEMENT_FLAG=on


@ -5,28 +5,28 @@ batctl meshif ${BATMAN_INTERFACE} interface create
ip link set ${BATMAN_INTERFACE} up
# setup ips
if [ "${BATMAN_BRIDGE_IPV4}" ] ; then
ip -4 addr add ${BATMAN_BRIDGE_IPV4} dev ${BATMAN_INTERFACE}
if [ "${BATMAN_IPV4}" ] ; then
ip -4 addr add ${BATMAN_IPV4} dev ${BATMAN_INTERFACE}
fi
if [ "${BATMAN_BRIDGE_IPV6}" ] ; then
ip -6 addr add ${BATMAN_BRIDGE_IPV6} dev ${BATMAN_INTERFACE}
ip -6 addr add ${BATMAN_IPV6} dev ${BATMAN_INTERFACE}
fi
# mark node as dhcp server
batctl meshif ${BATMAN_INTERFACE} gw server ${BATMAN_LIMIT_DOWNLOAD}Mbit/${BATMAN_LIMIT_UPLOAD}Mbit
nft add table ip nat || true
nft add chain 'ip nat POSTROUTING { type nat hook postrouting priority srcnat; policy accept; }' || true
nft add rule nat POSTROUTING counter masquerade || true
nft add table ip6 nat || true
nft add chain 'ip6 nat POSTROUTING { type nat hook postrouting priority srcnat; policy accept; }' || true
nft add rule ip6 nat POSTROUTING counter masquerade || true
# remove dns defintion, because resolv.conf is write protected in the container
if [ "${WIREGUARD_CONFIG}" ] ; then \
nft add table ip nat || true
nft add chain 'ip nat POSTROUTING { type nat hook postrouting priority srcnat; policy accept; }' || true
nft add rule nat POSTROUTING counter masquerade || true
nft add table ip6 nat || true
nft add chain 'ip6 nat POSTROUTING { type nat hook postrouting priority srcnat; policy accept; }' || true
nft add rule ip6 nat POSTROUTING counter masquerade || true
# remove dns defintion, because resolv.conf is write protected in the container
egrep -v '^\s*DNS\s*=' ${WIREGUARD_CONFIG} >/etc/wireguard/${WIREGUARD_INTERFACE}.conf
wg-quick up ${WIREGUARD_INTERFACE}
ip rule add iif br-batman0 table 5000
ip rule add iif ${BATMAN_INTERFACE} table 5000
fi
cat >/etc/radvd.conf <<EOF
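Review bot: The IPv6 guard `if [ "${BATMAN_BRIDGE_IPV6}" ] ; then` appears to be left unchanged, while the address line under it now reads `${BATMAN_IPV6}`. Since this commit renames the variable in `.env`, the test would always see an empty string and the IPv6 address would never be assigned. It should read `if [ "${BATMAN_IPV6}" ] ; then`, matching the IPv4 branch. Separately, the masquerade rules moved under the WireGuard check still match every outgoing interface; limiting them to the tunnel, e.g. `nft add rule ip nat POSTROUTING oifname "${WIREGUARD_INTERFACE}" counter masquerade`, would keep NAT off the mesh side. The script continues past the end of this hunk.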


@ -1,8 +1,20 @@
FROM docker.io/library/debian:bullseye
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update \
&& apt-get install -y fastd isc-dhcp-server radvd radvdump batctl iproute2 curl traceroute bind9-host tcpdump nftables inetutils-ping \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y \
radvdump \
batctl \
iproute2 \
curl \
traceroute \
bind9-host \
tcpdump \
nftables \
inetutils-ping \
procps \
nmap \
&& rm -rf /var/lib/apt/lists /var/cache/apt/archives
ENTRYPOINT ["/bin/bash"]
COPY entry-point.sh /entry-point.sh
ENTRYPOINT ["/entry-point.sh"]
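Review bot: The new `apt-get install -y` call also pulls in recommended packages, which adds surface to an image that the compose file runs with elevated privileges. `&& apt-get install -y --no-install-recommends \` keeps it to the listed tools. The inline `DEBIAN_FRONTEND=noninteractive` repeats what `ARG DEBIAN_FRONTEND=noninteractive` already provides during the build, so one of the two can go if both are on the new side. A comment above the package list such as `# debug-only tooling (nmap, tcpdump, procps); do not reuse this image for the service containers` would make the intent clear.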

4
debug/entry-point.sh Normal file

@ -0,0 +1,4 @@
#!/bin/sh
mount -t debugfs debugfs /sys/kernel/debug
/bin/bash
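Review bot: The script starts `/bin/bash` as a child process and never checks the result of `mount`, so the shell is not PID 1 and a failed debugfs mount (missing capability, already mounted) goes unnoticed. `mount -t debugfs debugfs /sys/kernel/debug || echo "debugfs mount failed" >&2` followed by `exec /bin/bash` covers both. A header comment such as `# needs SYS_ADMIN (see the debug service in docker-compose.yml) to mount debugfs` would tie this file to the compose change.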


@ -42,7 +42,7 @@ services:
ipv4_address: 172.28.0.2
ipv6_address: fc00:172:28::2
fastd_server:
fastd:
build: fastd/
env_file: .env
cap_add:
@ -90,7 +90,9 @@ services:
build: debug/
cap_add:
- NET_ADMIN
- SYS_ADMIN
network_mode: service:batman
privileged: true
volumes:
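Review bot: `privileged: true` on the debug service makes the `cap_add` list above it redundant. It grants the container every capability plus host device access, while `network_mode: service:batman` places it inside the mesh node's network namespace. If the only requirement is the debugfs mount done in `debug/entry-point.sh`, it is worth trying without `privileged: true`, keeping `- SYS_ADMIN` and relaxing the AppArmor or seccomp profile only if the mount is still refused. Either way, a comment such as `# SYS_ADMIN: required to mount debugfs in entry-point.sh` next to the capability would record why it is there.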


@ -1,5 +1,5 @@
#!/bin/sh
docker-compose down -t 0
docker-compose build batman fastd_server dhcpd_v4 dhcpd_v6 debug
docker-compose --env-file .env up -d batman fastd_server dhcpd_v4 dhcpd_v6
docker-compose build batman fastd dhcpd_v4 dhcpd_v6 debug
docker-compose --env-file .env up -d batman fastd dhcpd_v4 dhcpd_v6

75
setup.yml Normal file

@ -0,0 +1,75 @@
- hosts: localhost
vars:
dhcp_start_num: 10
vars_prompt:
- name: node_network_ipv4
prompt: 'IPv4 network?'
default: '172.29.0.1/24'
- name: node_network_ipv6
prompt: 'IPv6 network?'
default: 'fc00:1234:5678::/64'
- name: batman_interface
prompt: 'Name of the BATMAN interface?'
default: batman0
- name: batman_limit_upload
prompt: 'Limit BATMAN upload? (none no limit)'
- name: batman_limit_download
prompt: 'Limit BATMAN download? (none no limit)'
- name: fastd_secret_key
prompt: 'fastd secret key?'
- name: fastd_log_level
prompt: 'fastd log level?'
default: info
- name: fastd_verify_client_peers
prompt: 'fastd verify client peers?'
default: no
- name: fastd_mtu
prompt: 'fastd MTU?'
default: 1300
- name: fastd_peer_limit
prompt: 'fastd peer limit?'
default: 100
- name: max_number_of_clients
prompt: 'Max number of clients'
default: 100
tasks:
- stat:
path: .env
register: env_file
- fail:
msg: "The .env file already exists so it's seem the node was already set up. Delete the file and repeat if you want to set up again."
when: env_file.stat.exists
- copy:
content: |
BATMAN_IPV4={{ node_network_ipv4 }}
BATMAN_IPV6={{ node_network_ipv6 }}
BATMAN_BRIDGE={{ batman_interface }}
BATMAN_LIMIT_DOWNLOAD={{ batman_limit_download }}
BATMAN_LIMIT_UPLOAD={{ batman_limit_upload }}
FASTD_BATMAN_INTERFACE={{ batman_interface }}
FASTD_SECRET_KEY={{ fastd_secret_key }}
FASTD_LOG_LEVEL={{ fastd_log_level }}
FASTD_DONT_VERIFY_PEERS={% if fastd_verify_client_peers %}0{% else %}1{% endif %}
FASTD_INTERFACE=
FASTD_PEER_LIMIT={{ fastd_peer_limit }}
FASTD_MTU={{ fastd_mtu }}
DHCPD_V4_NET={{ node_network_ipv4 |ipaddr('net') }}
DHCPD_V4_RANGE={{ node_network_ipv4 |ipaddr(dhcp_start_num |int) }} {{ node_network_ipv4 |ipaddr((dhcp_start_num |int) + (max_number_of_clients |int)) }}
DHCPD_V6_NET={{ node_network_ipv6 }}
DHCPD_V6_RANGE={{ node_network_ipv6 |ipaddr(dhcp_start_num |int) }} {{ node_network_ipv6 |ipaddr((dhcp_start_num |int) + (max_number_of_clients |int)) }}
DHCPD_INTERFACE={{ batman_interface }}
RADVD_INTERFACE={{ batman_interface }}
RADVD_PREFIX={{ node_network_ipv6 }}
RADVD_SOURCE_LL_ADDRESS=on
RADVD_ADV_MANAGEMENT_FLAG=on
RADVD_OTHER_CONFIG_FLAG=on
RADVD_MTU={{ fastd_mtu }}
dest: .env
mode: u=rw,g=,o=
when: False
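Review bot: `{% if fastd_verify_client_peers %}` tests a prompt answer that Ansible most likely passes on as a string, so any typed answer, including `no`, is truthy and `FASTD_DONT_VERIFY_PEERS` would always be written as 0. Running the value through the filter, `{% if fastd_verify_client_peers | bool %}`, makes the prompt do what it asks. The `copy` task that renders the file carries `when: False`, so as written the play never creates `.env`; if that is a leftover from testing it should be removed. Since the rendered content includes `FASTD_SECRET_KEY`, adding `no_log: true` to that task keeps the key out of diff and verbose output.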