From f4ef4d2febb7c973df794b8883787f0584451335 Mon Sep 17 00:00:00 2001 From: Astro Date: Fri, 19 Feb 2021 18:57:35 +0100 Subject: [PATCH] priv39: prepare --- contact.md.asc | 86 +++++++++++++------------- salt-pillar/cpe/aps.sls | 15 +++++ salt-pillar/dhcp/init.sls | 12 ++++ salt-pillar/hosts/init.sls | 12 ++++ salt-pillar/lxc-containers/server1.sls | 11 ++++ salt-pillar/subnets/init.sls | 3 + salt-pillar/switches/init.sls | 4 ++ subnets.md | 1 + 8 files changed, 101 insertions(+), 43 deletions(-) diff --git a/contact.md.asc b/contact.md.asc index 36bacf1..85ec131 100644 --- a/contact.md.asc +++ b/contact.md.asc @@ -1,46 +1,46 @@ -----BEGIN PGP MESSAGE----- -hQEMA2PKcvDMvlKLAQgAhR86mpEXTBlmTBTG9SIOln858896gE4V5u/7YiyuGoXc -cVeS6mj0AeY9QIhq27vu2xVpgvq0UQVz5Mj0/zr/lSNmTNoWsLm4dc4kO4nANngY -gqlKJME8E5mWHOn21YEh3G670tZij/p85FXoYnwb9gFZHgfLXyS9YSEpsrA4H8Bt -7OHbt0r/gFDjCDckVrZJh2WvWlE3jkwWpDjojAfKOPd7YuDOURHvLX4Va84UsM5Q -8kg6969q/3tF0lrgyx1yYILsp5YPQFdelt+jx2bVDlq1+lrzYLqwvrzY7AcwzkRQ -SdSggAWCOcTH6EK417jU3TNbxETUrYIQEcp7Y5nv1dLqAbhFt0+H91ASLWcLCPql -OONrprhkwMGZAfOVMa1qCEtoFft2np7VanruCiw2ifWXvxqCNW0mek8hPhRF+0j6 -eq41d7ul8M1KOX9F7Ud5eqF2zHZHlK797NCvbmZ8wrBwlAgDOaNoI08V0IXdAs4c -4l01ZIe5M7CVyoXTECG6w8PPU/LNANMrpgGrfAhsI4kjhfXqR9pTKVDjw15ydr25 -lPWsfBqed69VZ1ZaXZB2Q2GZN4l+08iFKHTidEzMg1gfW7KFsdanSbVtbnjRZ+wz -JyGF7OgxwdMgx3W8d4su8kDmYIQdTNyU5x7sEbgMcvGrhAAkMVtbyZm1E4nRnhIn -1xmuicemY/ZJ9RqpkaMt7Fuit/lXH0H/SWhQk9rM0gK9TcLtu73NYD98+gNLvjzb -k1IPbzjiM4QAjEltRorD+KCfIr7xrqqcJoV+3um+93x6ANBH9icN+ORrmwPt3gfQ -spCBFYtQ8eYQ2ukTuLhv19f+a0q0IFcAFPW+yUjGoH7mJ6ib9Kq/V1dBT+lQ7/th -ynguRrjcRbYHO0p1LC1LU0PKwJM0dMBXynWfY7w+07rJJ7pICun0nJmianR5MtKO -sfPPF6fYIfErEcNgWoRByDZ2i+5f0ilfCD6Cws/+Pd+FLPRiSdmVZExj/sYzLlkz -NcxIhtf752oLcsgpOcNTVqNevw16YesZLCnHB2xi3j2l3KnsALBb6IoHK78mdpqi -I6LeulX6JDL+n9A5N7eQutFU9yplUll6u4XMmyqGqfVcX9A4EtYDLE/nK7U3s36b -Im0hb0uPuft0At800XXZWDkSNjnfZcH11bmoxyhiqafhpQmcXol/vBK71X/k5DBU -NszndeitXBDbZyBx8SXT8TgPjHZhTd7BqY1JDZsnYx643GMjnvbosrXSinFXY9DZ -g9hKIimby/UC1kNYk2n1Hb34Mue+zU5rtD5Xy1gUA1qSUK0juWMIekUpJZAOd5ae -dL/WZFs/fN9oV/ABINW2gmooBeQpTWKfPc3BV2h40ktWMbAGL0isx66KsB2FrGf5 -Di0mfGPzdi6/gR7js7H4asFoV493jPrZJV8oUlybMdwRF0flyilon2aE0ZgrBhrX -sifwfL3izSP+ZLG9iwKURezPFqWrNuk5ihIr34a3ldcv4tnAA/eD8fQbaeFaIiK5 -VbmQYBvq37mXbdLnCsfZjhggDOawefLxbp6IwqE/M9QLQTsm4a43v3Qeo5JJeSfc -FKRXdLay3Q3nUMYAD+9RorGcGyyHqDatywPKW5wH5Y/6cC00BwessR2cCeEoqv4N -ee8ZWGJj4bS3afsd8NA2zCC62Y38K/yY/PVNar2KPA9zmxPOrLm7q6vtDNcLafuR -v+k68sES8G7IvJXxlASUw9iIFOOsIegi8NcLTbQI14MRatL7FUCGvzfs4tvzqEiD -EKGJe/wGAlGew7XiqlCvU8cKuTPMz8VYNZoqWK7DYBx2ZOXyifcoKUuVklI85PP9 -56lESxcuxEMlll8EQf3VCPkhaFUQ2H7v39QLXmGyeeCKZk4s1GswiEAYP1E5DXOg -pRpBt0B1PM8uXrkh1Cwn7n9zI8izcKf1mb1LT4AzGHofeN+k6T/57PsGVzwDiuu3 -AUN5MBCghmgzU6T4nbB1C2LCoPVUXL422Iel4qfPqe3M/Rj081WBNSk6OYh4YW8I -1QfK0T4RmrNvhA4KhSJIK9w5WkSbbte/lquetCpqxjtRczRXwv8rJE5radi2LeIQ -tkf2jTow8N6t4SfU30fe8Oj0mtG2/p182KPtgFC709EjSfezVe6SNR8qf0meKN4X -D+fcUFEm9PsolIKrCjgvPxvbPKQDT9QuuxyB0WObbQ4+s59s6s1gvaIoNhb9DhA3 -O0aevvRz8aZ2PROKXCrIzFH88oyzQfvg3LnUnlJeOICjBuuZdWUc/MWBV1DjWHnK -NYmvwxtd8fIpPnkO8/Wrqx1ev0EBpgfDSA8jB8EGiPSopAliDVpCTRoGbs+KDL5/ -TV7+Tfia6Jaxkn1muJtuhJWzHeKNNKU4+OM4dtlcCvGSjrngGic6d3+1Z/4CWk2E -0cc/BEJn9VOl0kLKfidWG6e8W1efKN0ZW789AVTzoYiFHjOgj84PDXbVd7/cHcRm -rcW88YjhcR2RuoRNqSmVr7HzNwtXsthUaoJFWWv0I6iRN63OXB3bpfnHOJUDO6j6 -nLqaZEjwVbX2/02XnHhKGYn3Y3lkSwVQX4GFSRlTNeE5rWU3k7V9waseSvPNv+MB -pG+62HELyRBgy1tRa8DIQASTvB+pE5EeDegnaQ== -=+pem +hQEMA2PKcvDMvlKLAQgAkvsmypM5oDjMXHpPXEK28NjZYa8y8L0WJhFOGMlG2JUu +zz1SkXorzjaZcNsH8UHjBlmX0fZjfgoPqK3kQoTFji3UkXc8EAFRAe0koWqaA3qF +eNQbQtYumeUrjmgV4YypAyCjhhUvl2u9aqC0CuFUa94/NOvh1oazl+ftqtlMX835 +BiSErKI0ICLMANXrpJKensOX21IXUV90UZQadOndn6MM1whlXNhrZKFpHqpMxPfh +ZtH2CRIsVxTIuiKARHuh1YWmZ9qS4qf5/kOobwzCU5Eoo3eu+boiAK2rHgsaecrD +aDYBuwP+0De/7s+++HhezHA79zpY75o1uL7FHFelTNLqAaOKc2I5qvasYuvWyumd +bXvr4Y+NI7/5mL36VyKd+6IvRS2aiwMIbqAr8+1rH6lpmxTPBeAJheXK0zyBr/6B +xG0GTZVpLgLAvYck9G71UF/38wZ+2bt7VIFJz5mcjdb4FsawlVhMt+4t/1QaOFTS +Kk6GgnVVGjWg6D73MIRp+mgIqi9dmOyk8FM227Cbao+5fxZRxhXw27uGczzkWVRK +uB1PliC0re8DauITabJDJYcmm/03X/hajzAJji0KIpGNuDwhV2XJ6N0vbSp7IPgE +3s0OBYWMHbKG2Hgotgl2MiNC/XTaeHIZsR5k2UPozzuJ21+mKFFU6HU1Po3EQI46 +Ehx3VsMA4TjIqqg7TBL8aTEEFs7JCUoH3hGJOpMgGjvhcJ03iNXG/DeKT09OC1Sv +NNKpJE1gHd/LtcyixYYQEVoSehJntm0M68I5evtSLhN9zw4nYwV/gK8KMxgIjCzv +F9DAqLFIkVSBo5qhg9eG9qCbAovOOhzXpffy/8N5kr/nTyX5W8KrzJGQISN6rP74 +MLayT9eGQ/Yc/SqlFZ7+fB/KlMlRZN73+hupzBpdR2lJrnWO0j93WVucMeIgyT05 +M6NbbCwjiefC7mDg5UlGyDvxMuEj/xHTYZS7gAEgBKbFBpr7TmL+RqPei7ewNcdg +rKWalmZqs4+oTL3RMeMmG+5fLSDzsqdAaMbwhjRg6sBDDe+3NTIDI5GdarfNAwXf +GGHnGkfN82W8ky/qNbKY935Cug5HCFZ0ckFhxo7+I1acgatWEQlJ90nR+YFqDAR8 +CxPBFjHipZxZckbBFfzfT2HXfNytpDe3MPBA55SgrKXtcB36cdlbtB73SGJPSwyi +hR0X92sOMy8i6OhSXe1tsijUn14gezx4x/awxVDdwkAOnr1H+Exq0d5QqZCzDLnA +XTCZDEZHFauFVVb5C7N/CzJdI5TpUqAJv2aRlqQhdupRsAREGdO7ml77SYaxbHGr +jv1XlbP3sucMSDVoH1JtWwJ8Pxps8QhcWl2EIjK9wq85qOLFgqgpAJQkcmculEKE +NtTksuTGUaZmHVVbmfa8XMYIKpQc+0K/lDs2qtmCGWiyh7pamqQCekxIsfP/fRga +SReQ775swD74w3xcTY5ZE3JV44gLT8fq2kKry1/WecUweqt6BKjImjVVrw0oa135 +EBB2hH64ClsC+sNcshQi8kB2MJD1qdUIfhanCAh+2mWkgfITnaCzGsX/puKp1DCh +WdkVsxtHybSSLXSfSnSFNd+2QoHc06yAuaXUuTXkrwgjzsh0r6oxG2/ZCdXed4oo +b2EyTgnf/3U8HgUYRKRDJ8tFuj0VZF8w/AmVU6HrdQ4EJgfolbPz0eOndjoPt0lY +HOk9KgjVoe00VQBmT1Ww05plA26nqB0L0zj6gTz4nesmh8qu9DFLhSJEwxsARC9e +FALqOvnkulqPBzCx4IowJ5GhbeGBOw54aKTQZABCkskY7hGplRDHZw7EpA5DBHA/ +G4+3fYnCTWz0pCGKuhEPtl67AOOjsAO2EG6MXbNIqrm3+4LwENa6WemyT/Mn6ERv +AsvZu+sKJqKodZdP6sNjsCVRkDF9DgxBZMhtVxILJQS+ZsEzzv8Zkv2AErRNR7OB +9Gjaoxl3u8btFnHLaaaDdDnkTFOPaaHWbqq8hMB7XeO+LPRc6/6bYOQBWN+Y8UfR +tn1E1cA3/AFXfX52mnKos0SA9abWuGUFOjPEDWR1KvtqsgRHgEc4lzyjvRD7ctzv +ahpe6S60xwOOruLAfh+D8MYL9NdW+apCp8a08+UVgXBYpNjRQm1kRgCybFEedrPp +w1RmkNExRhq0od3MMtdjAQHDtzoWAmS4SnJd/qACGu1bYt6vhfPyYvlVTis/Myak +X72rxuY+ZU6kTmbcTkUaEZuK7aVIwXEVZia7vb7qHuUV2zKvak7CY/8umPCoTZ69 +EViQWZp9O2ZBd1G7AAiZR7VpvCnmMJ80Bk2215UM00v30PjsWXka1pqY4Q9XIa3Z +sOblTiabEFJ+rghFpGptSfeXn/ShNOZ4hXt2pLMm5Jmp8sAFlh/pAoyFiNUbBxDB +jP1imHOdwSaONc9qv+hZm/Q9/Ww05EpmmEOLuAiy25SzBwyc4OQnlGn3KSy4Kohd +SwvudAA27AR7Z/6m5PP8Yzw6Vi+kk+eqPBs1jD6Y7ae8TWdXlU7kk5ONnNyps7VY +t5843OsVuDGmkkglovpzX9FQUYHKxJIbyBuQDwgYYY4YUoYeshz6qUX4UaiA55RB +yzIEJSG3WxteGgzgW7oWyM2tI7U+79icCf+ZCJR3o9eLfMzP5TkLy70= +=sQ7i -----END PGP MESSAGE----- diff --git a/salt-pillar/cpe/aps.sls b/salt-pillar/cpe/aps.sls index 8fd07d7..1b9f257 100644 --- a/salt-pillar/cpe/aps.sls +++ b/salt-pillar/cpe/aps.sls @@ -1285,6 +1285,21 @@ cpe: server: 172.22.99.22 port: 1812 secret: public + 'FOTOAKADEMIEdd': + net: priv39 + psk: | + -----BEGIN PGP MESSAGE----- + + hQEMA2PKcvDMvlKLAQgAiPE/MGvOWuFHehM3fmQpinKVT8atRH9qDUBRGeSm5I1S + ZIkkw0GJdJbGxAzDfHPyr/rHKvUbt/1rulwQbaL6M9FaaMLIR7LdL6CpalnC4fsb + Y4/b9WTQapbeFVGbBIGaQPtNnT8AMZIralgkFRgDvav86ZLEhl0h7eadidMxR1yi + gStSEeQn0v43+zR1M+R/iiJelQhrKLsKlc31BO263AxJFcfaZNWwPwPnl/uL0+jc + jxTgtYyhSwFtfPu2XZnIMmEDO+3s3n+FHdXh05BejfXjehd40Xx5CCsY3OvpUo2Q + n3CGMPZ4M4EQF3hVvaxBa/R64ET5ZcnXInOlkwhJb9JEAej9AgObLVPUK3nM0wnb + pSzj819p+E5ZriNBijqfZJaKTSPdwadKk1YZuhzJX/cSJewaH1SDZZd7r+XrC/IU + 4TQCu24= + =kCBv + -----END PGP MESSAGE----- 'pci0000:00/0000:00:00.0': channel: 149 htmode: VHT80 diff --git a/salt-pillar/dhcp/init.sls b/salt-pillar/dhcp/init.sls index 1a4f381..152b814 100644 --- a/salt-pillar/dhcp/init.sls +++ b/salt-pillar/dhcp/init.sls @@ -487,3 +487,15 @@ dhcp: routers: priv38-gw.priv38 string-opts: domain-name: priv38.zentralwerk.org + + priv39: + start: 172.20.77.2 + end: 172.20.77.14 + time: 120 + max-time: 86400 + opts: + domain-name-servers: "172.20.73.8, 9.9.9.9" + host-opts: + routers: priv39-gw.priv39 + string-opts: + domain-name: priv39.zentralwerk.org diff --git a/salt-pillar/hosts/init.sls b/salt-pillar/hosts/init.sls index 9136a07..cfe5a24 100644 --- a/salt-pillar/hosts/init.sls +++ b/salt-pillar/hosts/init.sls @@ -154,6 +154,7 @@ hosts-inet: priv36-gw: 172.20.72.50 priv37-gw: 172.20.72.51 priv38-gw: 172.20.72.52 + priv39-gw: 172.20.72.53 pub: pub-gw: 172.20.78.1 @@ -404,6 +405,11 @@ hosts-inet: {%- for i in range(1, 14) %} dhcp{{ i }}: 172.20.76.{{ 193 + i }} {%- endfor %} + priv39: + priv39-gw: 172.20.77.1 +{%- for i in range(1, 14) %} + dhcp{{ i }}: 172.20.77.{{ 1 + i }} +{%- endfor %} radio: radio-gw: 172.20.73.129 @@ -548,6 +554,7 @@ hosts-inet6: priv36-gw: fd23:42:c3d2:581::c:23 priv37-gw: fd23:42:c3d2:581::c:24 priv38-gw: fd23:42:c3d2:581::c:25 + priv39-gw: fd23:42:c3d2:581::c:26 freifunk: fd23:42:c3d2:581:8000::1 @@ -637,6 +644,8 @@ hosts-inet6: priv37-gw: fd23:42:c3d2:5e4::1 priv38: priv38-gw: fd23:42:c3d2:5e5::1 + priv39: + priv39-gw: fd23:42:c3d2:5e6::1 radio: radio-gw: fd23:42:c3d2:586::1 @@ -725,6 +734,7 @@ hosts-inet6: priv36-gw: 2a02:8106:211:e981::c:23 priv37-gw: 2a02:8106:211:e981::c:24 priv38-gw: 2a02:8106:211:e981::c:25 + priv39-gw: 2a02:8106:211:e981::c:26 radio: radio-gw: 2a02:8106:208:5286::1 @@ -805,3 +815,5 @@ hosts-inet6: priv37-gw: 2a02:8106:211:e9e4::1 priv38: priv38-gw: 2a02:8106:211:e9e5::1 + priv39: + priv39-gw: 2a02:8106:211:e9e5::1 diff --git a/salt-pillar/lxc-containers/server1.sls b/salt-pillar/lxc-containers/server1.sls index 50e2726..ddeede9 100644 --- a/salt-pillar/lxc-containers/server1.sls +++ b/salt-pillar/lxc-containers/server1.sls @@ -439,6 +439,17 @@ containers: type: phys hwaddr: 0A:14:48:01:2A:49 + priv39-gw: + interfaces: + core: + type: veth + gw: upstream2 + gw6: upstream2 + hwaddr: 0A:14:48:01:2A:4A + priv39: + type: phys + hwaddr: 0A:14:48:01:2A:4B + upstream1: interfaces: core: diff --git a/salt-pillar/subnets/init.sls b/salt-pillar/subnets/init.sls index 68632ac..137ec67 100644 --- a/salt-pillar/subnets/init.sls +++ b/salt-pillar/subnets/init.sls @@ -39,6 +39,7 @@ subnets-inet: priv36: 172.20.76.64/28 priv37: 172.20.76.128/28 priv38: 172.20.76.192/28 + priv39: 172.20.77.0/28 c3d2: 172.22.99.0/24 mgmt: 10.0.0.0/24 priv17: 172.20.73.128/27 @@ -87,6 +88,7 @@ subnets-inet6: priv36: fd23:42:c3d2:5e3::/64 priv37: fd23:42:c3d2:5e4::/64 priv38: fd23:42:c3d2:5e5::/64 + priv39: fd23:42:c3d2:5e6::/64 c3d2: fd23:42:c3d2:523::/64 up1: c3d2: 2a02:8106:208:5201::/64 @@ -133,3 +135,4 @@ subnets-inet6: priv36: 2a02:8106:211:e9e3::/64 priv37: 2a02:8106:211:e9e4::/64 priv38: 2a02:8106:211:e9e5::/64 + priv39: 2a02:8106:211:e9e6::/64 diff --git a/salt-pillar/switches/init.sls b/salt-pillar/switches/init.sls index 6a3dd6e..eae5cd0 100644 --- a/salt-pillar/switches/init.sls +++ b/salt-pillar/switches/init.sls @@ -208,6 +208,7 @@ switches: - priv36 - priv37 - priv38 + - priv39 c3d2-server4: mode: bond group: 1 @@ -279,6 +280,7 @@ switches: - pub - c3d2 - bmx + - priv39 password: | -----BEGIN PGP MESSAGE----- @@ -776,6 +778,7 @@ switches: - pub - c3d2 - bmx + - priv39 ap2: mode: trunk ports: 2 @@ -792,6 +795,7 @@ switches: - pub - c3d2 - bmx + - priv39 # For testing a new ap ap-test1: mode: trunk diff --git a/subnets.md b/subnets.md index b885464..e71c4fa 100644 --- a/subnets.md +++ b/subnets.md @@ -49,6 +49,7 @@ Machine-readable here: [salt-pillar/subnets](./salt-pillar/subnets/init.sls) * 172.20.76.128-172.20.76.143/28 PRIV37 * 172.20.76.192-172.20.76.207/28 PRIV38 * 172.20.77.0-172.20.77.255/24 RESERVED + * 172.20.77.0-172.20.77.31/28 PRIV39 * 172.20.78.0-172.20.79.255/23 PUBLIC ## RFC 1918: non-routed