forked from zentralwerk/network
cpe ap configuration
This commit is contained in:
parent
2dd16b60f5
commit
72cf0ed464
|
@ -0,0 +1,164 @@
|
|||
#!yaml|gpg
|
||||
cpe:
|
||||
ap1:
|
||||
password: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf+KxWwNiC4VCjdkTUVRcfqzsGRXHUrfBqyoqpPahT7yu8v
|
||||
JiYAc8/zPO0oniP+tM+zCqnIq/kwUe+muh4RTPjcx7Yv4nVA4Y4bcGgbnGqACMjq
|
||||
AEZ8qiv+0yBSxqeVgwlfc/eOtyXlYELCwKM9zUnrmS+0J66zd4zKKbfT029izL0e
|
||||
r2Mxwe6ax9eRrruOImP1WY4rrGaA6/Ci/qY7mV1r9q2RROtkN4dnMs5j0ob9bu2j
|
||||
JV6d3bC7LnZyIzz3Jv8dWGTISPj2UYCnqpR8wIyW46/+mCdZMYd3SFM1lifqJCoB
|
||||
hlET/0qjRw7K+ozh6zP1GOgDXHS1YjfLDLXGuLLuMNJIAV6FIphe+t/Y+v6yHvqZ
|
||||
8L+stbE0RFrqFBMBLxuqw6RTU+AIVwkH9sZ5AoAPF3g6uZCVq8+KU3d2K7K5WCST
|
||||
4p+9mAt3NWq5
|
||||
=QPF0
|
||||
-----END PGP MESSAGE-----
|
||||
model: TL-WR841N
|
||||
location: abhanden
|
||||
access-ports: pub
|
||||
radios:
|
||||
'platform/qca953x_wmac':
|
||||
channel: 1
|
||||
htmode: HT40+
|
||||
ssids:
|
||||
'Zentralwerk':
|
||||
net: pub
|
||||
'C3D2 legacy':
|
||||
net: priv1
|
||||
psk: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/SO/v+xhO1yOG83uCcAN2r5ixNf8+Ksp1dPwBKQHUViwJ
|
||||
/KZHBAUzjTtGFIcpEy3exZcAorJ8SeGaB0hv1zw1HZuHN7Els8KKDu4G5u31Sp8w
|
||||
EFtuwujlkFAt3t57jp02O0qvXBCIA14eNlakc9fcPypibTrIEGp2SCzw/kty4r3g
|
||||
EGUwn1sMPjeQxon5Y4JY4OmZBXsnZkKMwTYjAbL+RS300xV1Nh/WWSTRfueAmT5f
|
||||
xfyHj4NlOoBNBILgm1qlrOdgqJSvHM6rw47BoiDuxeVtgmyPqSbHmN8d7xExbuxB
|
||||
tdcnI6HfSv47ZhLARH08BiI7nLaKNygwgy6yKr0zctJAAetIX8BADb4W4QgyM7VD
|
||||
pYqAfy5Igg342W+ZSMyybiZccncchv4opsyDFTjuby9mqL8OwaMWkeNcNPALaT9v
|
||||
rA==
|
||||
=TEEI
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
|
||||
ap2:
|
||||
firstboot: true
|
||||
password: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf8CYe3pO4cTAkpckOBnLp61msnczVRfWtinHKAmysUFpYX
|
||||
m25JhqLKIk+/UmHtOyyaPyo6GqHu62Ckm+TVIKh5yAGlfI5Dsm6PjWzJ1HPaGgnA
|
||||
1wMRrbWfZdUkvEP9uvHLtErjoTHqAW/9bF57GE2SY/e392Dz1Y4e6MhMFx61SZ5c
|
||||
h+kch3edTO4vL7AijlmMMngRKYbZsZOMFoXdmzLoZWYG+MNv0aig5s04nuYURAxr
|
||||
AmgjnCfl9m4/kblLs8b1Z2WI74hCnFMIGRtl7ZoovKDojMAf1HdTbsdujN+zc03S
|
||||
tNSCqg4eo9LzNdQnpF6CP0cciEEnlSXKPH/GjGCSydJGARJhGfGxXRmLlFooEpSW
|
||||
lO1x0xXGsnrm08EUPdT127uJjCF9nPplCgRRKyTR3IDrDFDpqJyjIMK8+/vQFGma
|
||||
zYUuYozyRA==
|
||||
=Tlu+
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
model: TL-Archer-C7
|
||||
location: Netzbiotop Main
|
||||
access-ports: priv1
|
||||
radios:
|
||||
radio0:
|
||||
channel: 1
|
||||
ssids:
|
||||
'Zentralwerk':
|
||||
net: pub
|
||||
'C3D2 legacy':
|
||||
net: priv1
|
||||
psk: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/SO/v+xhO1yOG83uCcAN2r5ixNf8+Ksp1dPwBKQHUViwJ
|
||||
/KZHBAUzjTtGFIcpEy3exZcAorJ8SeGaB0hv1zw1HZuHN7Els8KKDu4G5u31Sp8w
|
||||
EFtuwujlkFAt3t57jp02O0qvXBCIA14eNlakc9fcPypibTrIEGp2SCzw/kty4r3g
|
||||
EGUwn1sMPjeQxon5Y4JY4OmZBXsnZkKMwTYjAbL+RS300xV1Nh/WWSTRfueAmT5f
|
||||
xfyHj4NlOoBNBILgm1qlrOdgqJSvHM6rw47BoiDuxeVtgmyPqSbHmN8d7xExbuxB
|
||||
tdcnI6HfSv47ZhLARH08BiI7nLaKNygwgy6yKr0zctJAAetIX8BADb4W4QgyM7VD
|
||||
pYqAfy5Igg342W+ZSMyybiZccncchv4opsyDFTjuby9mqL8OwaMWkeNcNPALaT9v
|
||||
rA==
|
||||
=TEEI
|
||||
-----END PGP MESSAGE-----
|
||||
radio1:
|
||||
channel: 130
|
||||
ssids:
|
||||
'Zentralwerk':
|
||||
net: pub
|
||||
'C3D2':
|
||||
net: priv1
|
||||
psk: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/SO/v+xhO1yOG83uCcAN2r5ixNf8+Ksp1dPwBKQHUViwJ
|
||||
/KZHBAUzjTtGFIcpEy3exZcAorJ8SeGaB0hv1zw1HZuHN7Els8KKDu4G5u31Sp8w
|
||||
EFtuwujlkFAt3t57jp02O0qvXBCIA14eNlakc9fcPypibTrIEGp2SCzw/kty4r3g
|
||||
EGUwn1sMPjeQxon5Y4JY4OmZBXsnZkKMwTYjAbL+RS300xV1Nh/WWSTRfueAmT5f
|
||||
xfyHj4NlOoBNBILgm1qlrOdgqJSvHM6rw47BoiDuxeVtgmyPqSbHmN8d7xExbuxB
|
||||
tdcnI6HfSv47ZhLARH08BiI7nLaKNygwgy6yKr0zctJAAetIX8BADb4W4QgyM7VD
|
||||
pYqAfy5Igg342W+ZSMyybiZccncchv4opsyDFTjuby9mqL8OwaMWkeNcNPALaT9v
|
||||
rA==
|
||||
=TEEI
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
ap3:
|
||||
firstboot: true
|
||||
password: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQgAj+qP7T9D0MGNdstPfT3l0QRBCffcYVc/vGv6xk+s7IqW
|
||||
L/7GQhhz3sk63QpyONFt6KZc3KhqAzqG7gL8LmK1+PP48Rh/CRfKx8rh5QxV5RFr
|
||||
YgsI2OIcn7DKSBGuwZaZR0KC9mPwr381E8+uPAAuC4CleaYkt6VjVtEJFf89DDUW
|
||||
jgtySygaVnG8SxGDc69tq51Zkoq/AlYWgVI+/8UAsja5fUoQa1Aw1YxteJfQ8lAb
|
||||
TZWYfDdoNGs3mvvy8wK8NuQBvVnQdgowJYQSdYXfo1HqQd0o5oYsDr633MnfxZ4p
|
||||
4ANDPuiSe944WQzdmaeASaE9FWk8vfz5VA8BuMlyxtJGAZPJnXM+l6JY0Nna+kWW
|
||||
iYqejp6HmibQCjSxxeyRDIxfEA99LjQZ4t0bqmnamgW0Dbn2hW7sHNmSHD3zX7Hi
|
||||
uyIJKqCOnA==
|
||||
=kpf2
|
||||
-----END PGP MESSAGE-----
|
||||
|
||||
model: TL-WR1043ND
|
||||
location: weg
|
||||
access-ports: priv1
|
||||
radios:
|
||||
radio0:
|
||||
channel: 1
|
||||
ssids:
|
||||
'Zentralwerk':
|
||||
net: pub
|
||||
'C3D2 legacy':
|
||||
net: priv1
|
||||
psk: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/SO/v+xhO1yOG83uCcAN2r5ixNf8+Ksp1dPwBKQHUViwJ
|
||||
/KZHBAUzjTtGFIcpEy3exZcAorJ8SeGaB0hv1zw1HZuHN7Els8KKDu4G5u31Sp8w
|
||||
EFtuwujlkFAt3t57jp02O0qvXBCIA14eNlakc9fcPypibTrIEGp2SCzw/kty4r3g
|
||||
EGUwn1sMPjeQxon5Y4JY4OmZBXsnZkKMwTYjAbL+RS300xV1Nh/WWSTRfueAmT5f
|
||||
xfyHj4NlOoBNBILgm1qlrOdgqJSvHM6rw47BoiDuxeVtgmyPqSbHmN8d7xExbuxB
|
||||
tdcnI6HfSv47ZhLARH08BiI7nLaKNygwgy6yKr0zctJAAetIX8BADb4W4QgyM7VD
|
||||
pYqAfy5Igg342W+ZSMyybiZccncchv4opsyDFTjuby9mqL8OwaMWkeNcNPALaT9v
|
||||
rA==
|
||||
=TEEI
|
||||
-----END PGP MESSAGE-----
|
||||
radio1:
|
||||
channel: 130
|
||||
ssids:
|
||||
'Zentralwerk':
|
||||
net: pub
|
||||
'C3D2':
|
||||
net: priv1
|
||||
psk: |
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMA2PKcvDMvlKLAQf/SO/v+xhO1yOG83uCcAN2r5ixNf8+Ksp1dPwBKQHUViwJ
|
||||
/KZHBAUzjTtGFIcpEy3exZcAorJ8SeGaB0hv1zw1HZuHN7Els8KKDu4G5u31Sp8w
|
||||
EFtuwujlkFAt3t57jp02O0qvXBCIA14eNlakc9fcPypibTrIEGp2SCzw/kty4r3g
|
||||
EGUwn1sMPjeQxon5Y4JY4OmZBXsnZkKMwTYjAbL+RS300xV1Nh/WWSTRfueAmT5f
|
||||
xfyHj4NlOoBNBILgm1qlrOdgqJSvHM6rw47BoiDuxeVtgmyPqSbHmN8d7xExbuxB
|
||||
tdcnI6HfSv47ZhLARH08BiI7nLaKNygwgy6yKr0zctJAAetIX8BADb4W4QgyM7VD
|
||||
pYqAfy5Igg342W+ZSMyybiZccncchv4opsyDFTjuby9mqL8OwaMWkeNcNPALaT9v
|
||||
rA==
|
||||
=TEEI
|
||||
-----END PGP MESSAGE-----
|
|
@ -5,6 +5,38 @@ hosts-inet:
|
|||
switch-b2: 10.0.0.11
|
||||
switch-c1: 10.0.0.12
|
||||
switch-d1: 10.0.0.13
|
||||
ap1: 10.0.0.41
|
||||
ap2: 10.0.0.42
|
||||
ap3: 10.0.0.43
|
||||
ap4: 10.0.0.44
|
||||
ap5: 10.0.0.45
|
||||
ap6: 10.0.0.46
|
||||
ap7: 10.0.0.47
|
||||
ap8: 10.0.0.48
|
||||
ap9: 10.0.0.49
|
||||
ap10: 10.0.0.50
|
||||
ap11: 10.0.0.51
|
||||
ap12: 10.0.0.52
|
||||
ap13: 10.0.0.53
|
||||
ap14: 10.0.0.54
|
||||
ap15: 10.0.0.55
|
||||
ap16: 10.0.0.56
|
||||
ap17: 10.0.0.57
|
||||
ap18: 10.0.0.58
|
||||
ap19: 10.0.0.59
|
||||
ap20: 10.0.0.60
|
||||
ap21: 10.0.0.61
|
||||
ap22: 10.0.0.62
|
||||
ap23: 10.0.0.63
|
||||
ap24: 10.0.0.64
|
||||
ap25: 10.0.0.65
|
||||
ap26: 10.0.0.66
|
||||
ap27: 10.0.0.67
|
||||
ap28: 10.0.0.68
|
||||
ap29: 10.0.0.69
|
||||
ap30: 10.0.0.70
|
||||
ap31: 10.0.0.71
|
||||
ap32: 10.0.0.72
|
||||
core:
|
||||
server1: 172.20.72.1
|
||||
serv-gw: 172.20.72.2
|
||||
|
|
|
@ -17,3 +17,4 @@ base:
|
|||
'server1':
|
||||
- lxc-containers.server1
|
||||
- switches
|
||||
- cpe.aps
|
||||
|
|
|
@ -0,0 +1,104 @@
|
|||
#!/usr/bin/env bash -e
|
||||
|
||||
{%- if conf.get('firstboot') %}
|
||||
ssh-keygen -R 192.168.1.1
|
||||
|
||||
ssh root@192.168.1.1 \
|
||||
"ash -e" <<__SSH__
|
||||
{%- else %}
|
||||
ssh root@{{ pillar['hosts-inet']['mgmt'][hostname] }} \
|
||||
"ash -e" <<__SSH__
|
||||
{%- endif %}
|
||||
|
||||
# Set root password
|
||||
echo -e "{{ conf['password'] }}\n{{ conf['password'] }}" | passwd
|
||||
|
||||
# TODO: add ssh pubkey
|
||||
|
||||
# System configuration
|
||||
uci batch <<__UCI__
|
||||
set system.@system[0].hostname={{ hostname }}
|
||||
set dhcp.@dnsmasq[0].enabled=0
|
||||
|
||||
delete network.globals.ula_prefix
|
||||
delete network.lan
|
||||
delete network.wan
|
||||
delete network.wan6
|
||||
delete wireless.default_radio0
|
||||
delete wireless.default_radio1
|
||||
|
||||
set network.@switch[0].reset=1
|
||||
set network.@switch[0].enable=1
|
||||
set network.@switch[0].enable_vlan=0
|
||||
|
||||
set network.mgmt=interface
|
||||
set network.mgmt.ifname=eth1.1
|
||||
set network.mgmt.proto=static
|
||||
set network.mgmt.ipaddr={{ pillar['hosts-inet']['mgmt'][hostname] }}
|
||||
set network.mgmt.netmask=255.255.255.0
|
||||
|
||||
{%- set bridges = {} %}
|
||||
{%- if conf.get('access-ports') %}
|
||||
{%- do bridges.__setitem__(conf['access-ports'], True) %}
|
||||
{%- endif %}
|
||||
{%- for path, radio in conf['radios'].items() %}
|
||||
{%- for ssid, ssidconf in radio['ssids'].items() %}
|
||||
{%- do bridges.__setitem__(ssidconf['net'], True) %}
|
||||
{%- endfor %}
|
||||
{%- endfor %}
|
||||
|
||||
{%- for net in bridges.keys() %}
|
||||
|
||||
set network.{{ net }}=interface
|
||||
set network.{{ net }}.type=bridge
|
||||
set network.{{ net }}.proto=static
|
||||
{%- set ports = ['eth1.' ~ pillar['vlans'][net]] %}
|
||||
{%- if conf.get('access-ports') == net %}
|
||||
{%- do ports.append('eth0') %}
|
||||
{%- endif %}
|
||||
set network.{{ net }}.ifname='{{ ' '.join(ports) }}'
|
||||
{%- endfor %}
|
||||
|
||||
{%- set radionum = 0 %}
|
||||
{%- for path, radio in conf['radios'].items() %}
|
||||
set wireless.radio{{ radionum }}=wifi-device
|
||||
set wireless.radio{{ radionum }}.type=mac80211
|
||||
set wireless.radio{{ radionum }}.channel={{ radio['channel'] }}
|
||||
set wireless.radio{{ radionum }}.path={{ path }}
|
||||
set wireless.radio{{ radionum }}.hwmode={{ radio.get('hwmode') or '11n' }}
|
||||
set wireless.radio{{ radionum }}.htmode={{ radio.get('htmode') or 'HT20' }}
|
||||
set wireless.radio{{ radionum }}.noscan=1
|
||||
delete wireless.radio{{ radionum }}.disabled
|
||||
|
||||
{%- set ifnum = 0 %}
|
||||
{%- for ssid, ssidconf in radio['ssids'].items() %}
|
||||
set wireless.wifi{{ ifnum }}=wifi-iface
|
||||
set wireless.wifi{{ ifnum }}.device=radio{{ radionum }}
|
||||
set wireless.wifi{{ ifnum }}.ssid='{{ ssid }}'
|
||||
set wireless.wifi{{ ifnum }}.mode=ap
|
||||
set wireless.wifi{{ ifnum }}.network={{ ssidconf['net'] }}
|
||||
{%- if ssidconf.get('psk') %}
|
||||
set wireless.wifi{{ ifnum }}.encryption=psk2
|
||||
set wireless.wifi{{ ifnum }}.key='{{ ssidconf['psk'] }}'
|
||||
{%- else %}
|
||||
set wireless.wifi{{ ifnum }}.encryption=none
|
||||
{%- endif %}
|
||||
|
||||
{%- set ifnum = ifnum + 1 %}
|
||||
{%- endfor %}
|
||||
|
||||
{%- set radionum = radionum + 1 %}
|
||||
{%- endfor %}
|
||||
|
||||
commit
|
||||
__UCI__
|
||||
|
||||
# TODO: install pkgs (collectd...)
|
||||
|
||||
{%- if conf.get('firstboot') %}
|
||||
reboot
|
||||
{%- endif %}
|
||||
|
||||
__SSH__
|
||||
|
||||
echo "All done \\o/"
|
|
@ -0,0 +1,11 @@
|
|||
{%- for hostname, conf in pillar['cpe'].items() %}
|
||||
/root/{{ hostname }}.sh:
|
||||
file.managed:
|
||||
- source: salt://cpe/ap.sh
|
||||
- template: 'jinja'
|
||||
- context:
|
||||
hostname: {{ hostname }}
|
||||
conf: {{ conf }}
|
||||
- mode: 755
|
||||
|
||||
{%- endfor %}
|
|
@ -5,6 +5,7 @@ base:
|
|||
- lxc-containers
|
||||
- ospf
|
||||
- switches
|
||||
- cpe
|
||||
'*-gw':
|
||||
- no-ssh
|
||||
- forwarding
|
||||
|
|
Loading…
Reference in New Issue