116 lines
3.3 KiB
Puppet
116 lines
3.3 KiB
Puppet
class { 'ffnord::params':
|
|
router_id => "10.112.1.11", # The id of this router, probably the ipv4 address
|
|
# of the mesh device of the providing community
|
|
icvpn_as => "49009", # The as of the providing community
|
|
wan_devices => ['eth0'], # A array of devices which should be in the wan zone
|
|
|
|
conntrack_max => 131072,
|
|
conntrack_tcp_timeout => 3600,
|
|
conntrack_udp_timeout => 65,
|
|
|
|
wmem_default => 1572864,
|
|
wmem_max => 1572864,
|
|
rmem_default => 1572864,
|
|
rmem_max => 1572864,
|
|
|
|
max_backlog => 5000,
|
|
}
|
|
|
|
ffnord::mesh { 'mesh_ffhh':
|
|
mesh_name => "Freifunk Hamburg",
|
|
mesh_code => "ffhh",
|
|
mesh_as => 49009,
|
|
mesh_mac => "de:ad:be:ef:01:01",
|
|
vpn_mac => "de:ad:be:ff:01:01",
|
|
mesh_ipv6 => "2a03:2267::202/64",
|
|
mesh_ipv4 => "10.112.1.11/18",
|
|
mesh_mtu => "1406",
|
|
range_ipv4 => "10.112.0.0/16",
|
|
mesh_peerings => "/root/mesh_peerings.yaml",
|
|
|
|
fastd_secret => "/root/fastd_secret.key",
|
|
fastd_port => 10000,
|
|
fastd_peers_git => 'git@git.hamburg.freifunk.net:fastdkeys',
|
|
|
|
dhcp_ranges => [ '10.112.2.2 10.112.9.254'
|
|
],
|
|
dns_servers => [ '10.112.1.1'
|
|
],
|
|
}
|
|
|
|
ffnord::mesh { 'mesh_helgo':
|
|
mesh_name => "Freifunk Helgoland",
|
|
mesh_code => "helgo",
|
|
mesh_as => 65189,
|
|
mesh_mac => "de:ad:aa:ef:01:01",
|
|
vpn_mac => "de:ad:ab:ef:01:01",
|
|
mesh_ipv6 => "2a03:2267:4e16:01ad::101/64",
|
|
mesh_ipv4 => "10.189.1.1/18",
|
|
mesh_mtu => "1406",
|
|
range_ipv4 => "10.189.0.0/18",
|
|
mesh_peerings => "/root/mesh_peerings_helgo.yaml",
|
|
|
|
fastd_secret => "/root/fastd_secret_helgo.key",
|
|
fastd_port => 10100,
|
|
fastd_peers_git => 'git@git.hamburg.freifunk.net:helgokeys',
|
|
|
|
dhcp_ranges => [ '10.189.10.2 10.189.17.254'
|
|
],
|
|
dns_servers => [ '10.112.1.1'
|
|
],
|
|
}
|
|
|
|
ffnord::dhcpd::static {
|
|
'ffhh': static_git => 'https://github.com/freifunkhamburg/dhcp-static.git';
|
|
}
|
|
|
|
ffnord::uplink6::bgp {
|
|
'suede0':
|
|
local_ipv6 => "2a03:2267:ffff:0c00::2",
|
|
remote_ipv6 => "2a03:2267:ffff:0c00::1",
|
|
remote_as => "49009",
|
|
uplink_interface => "eth1";
|
|
}
|
|
ffnord::uplink6::interface {
|
|
'eth1':;
|
|
}
|
|
|
|
ffnord::icvpn::setup { 'hamburg01':
|
|
icvpn_as => 49009,
|
|
icvpn_ipv4_address => "10.207.0.61",
|
|
icvpn_ipv6_address => "fec0::a:cf:0:3d",
|
|
icvpn_exclude_peerings => [hamburg],
|
|
tinc_keyfile => "/root/tinc_rsa_key.priv"
|
|
}
|
|
|
|
class {
|
|
'ffnord::uplink::ip':
|
|
nat_network => '185.66.193.61/32',
|
|
tunnel_network => '100.64.0.128/26',
|
|
}
|
|
ffnord::uplink::tunnel {
|
|
'ffrlber':
|
|
local_public_ip => "80.252.100.115",
|
|
remote_public_ip => "185.66.195.1",
|
|
local_ipv4 => "100.64.0.161/31",
|
|
remote_ip => "100.64.0.160",
|
|
tunnel_mtu => "1400",
|
|
remote_as => "201701";
|
|
'ffrldus':
|
|
local_public_ip => "80.252.100.115",
|
|
remote_public_ip => "185.66.193.1",
|
|
local_ipv4 => "100.64.0.163/31",
|
|
remote_ip => "100.64.0.162",
|
|
tunnel_mtu => "1400",
|
|
remote_as => "201701";
|
|
}
|
|
|
|
class { 'ffnord::alfred': master => false }
|
|
|
|
class { 'ffnord::etckeeper': }
|
|
|
|
class {
|
|
'ffnord::monitor::zabbix':
|
|
zabbixserver => "80.252.106.17";
|
|
}
|