use augeas for /etc/network/interfaces, leave lo and eth0 as they were

Martin Schuette 2014-06-22 18:28:43 +02:00
parent 2073295b3c
commit 30e37c0f37


@ -73,6 +73,10 @@ class ff_gw::software {
class ff_gw::fastd($mesh_mac, $gw_ipv4, $gw_ipv6, $secret_key) { class ff_gw::fastd($mesh_mac, $gw_ipv4, $gw_ipv6, $secret_key) {
validate_re($mesh_mac, '^de:ad:be:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$') validate_re($mesh_mac, '^de:ad:be:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}$')
# TODO: parameterize interface names
$br_if='br-ffhh'
$bat_if='bat0'
$mesh_if='ffhh-mesh-vpn'
file { file {
'/etc/fastd/ffhh-mesh-vpn': '/etc/fastd/ffhh-mesh-vpn':
@ -95,39 +99,57 @@ class ff_gw::fastd($mesh_mac, $gw_ipv4, $gw_ipv6, $secret_key) {
ensure => file, ensure => file,
mode => '0755', mode => '0755',
source => 'puppet:///modules/ff_gw/usr/local/bin/check_gateway'; source => 'puppet:///modules/ff_gw/usr/local/bin/check_gateway';
'/etc/network/interfaces': }
ensure => file, ->
# # should use an abstraction layer like https://forge.puppetlabs.com/ajjahn/network,
content => inline_template('# managed by puppet # but I found none that is flexible enough to handle all our config lines
augeas {
# The loopback network interface "${br_if}-inet6":
auto lo context => '/files/etc/network/interfaces',
iface lo inet loopback show_diff => true,
changes => [
# The primary network interface "set auto[child::1 = '${br_if}']/1 ${br_if}",
allow-hotplug eth0 "set iface[. = '${br_if}'][1] ${br_if}",
iface eth0 inet dhcp "set iface[. = '${br_if}'][1]/family inet6",
"set iface[. = '${br_if}'][1]/method static",
auto br-ffhh "set iface[. = '${br_if}'][1]/bridge-ports none",
iface br-ffhh inet6 static "set iface[. = '${br_if}'][1]/address $gw_ipv6",
bridge-ports none "set iface[. = '${br_if}'][1]/netmask 64",
address <%= @gw_ipv6 %> ],
netmask 64 }
iface br-ffhh inet static ->
address <%= @gw_ipv4 %> augeas {
netmask 255.255.192.0 "${br_if}-inet":
context => '/files/etc/network/interfaces',
allow-hotplug bat0 show_diff => true,
iface bat0 inet6 manual changes => [
pre-up modprobe batman-adv "set iface[. = '${br_if}'][2] ${br_if}",
pre-up batctl if add ffhh-mesh-vpn "set iface[. = '${br_if}'][2]/family inet",
up ip link set $IFACE up "set iface[. = '${br_if}'][2]/method static",
post-up brctl addif br-ffhh $IFACE "set iface[. = '${br_if}'][2]/address $gw_ipv4",
post-up batctl it 10000 "set iface[. = '${br_if}'][2]/netmask 255.255.192.0",
post-up /sbin/ip rule add from all fwmark 0x1 table 42 ],
pre-down brctl delif br-ffhh $IFACE || true }
down ip link set $IFACE down ->
'); # TODO: parameterize ffhh-mesh-vpn
augeas {
"${bat_if}":
context => '/files/etc/network/interfaces',
show_diff => true,
changes => [
"set allow-hotplug[child::1 = '${bat_if}']/1 ${bat_if}",
"set iface[. = '${bat_if}'] ${bat_if}",
"set iface[. = '${bat_if}']/family inet6",
"set iface[. = '${bat_if}']/method manual",
"set iface[. = '${bat_if}']/pre-up[1] 'modprobe batman-adv'",
"set iface[. = '${bat_if}']/pre-up[2] 'batctl if add ${mesh_if}'",
"set iface[. = '${bat_if}']/up 'ip link set \$IFACE up'",
"set iface[. = '${bat_if}']/post-up[1] 'brctl addif ${br_if} \$IFACE'",
"set iface[. = '${bat_if}']/post-up[2] 'batctl it 10000'",
"set iface[. = '${bat_if}']/post-up[3] '/sbin/ip rule add from all fwmark 0x1 table 42'",
"set iface[. = '${bat_if}']/pre-down 'brctl delif ${br_if} \$IFACE || true'",
"set iface[. = '${bat_if}']/down 'ip link set \$IFACE down'",
];
} }
-> ->
vcsrepo { '/etc/fastd/ffhh-mesh-vpn/peers': vcsrepo { '/etc/fastd/ffhh-mesh-vpn/peers':
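Review bot: `$gw_ipv6` and `$gw_ipv4` are interpolated unquoted into the augeas commands (`.../address $gw_ipv6`, `.../address $gw_ipv4`) and, unlike `$mesh_mac`, are never validated, so a value containing whitespace or quotes would be parsed as part of the command rather than as an address. Next to the existing `validate_re` call I would add `validate_ipv6_address($gw_ipv6)` and `validate_ipv4_address($gw_ipv4)`, both from puppetlabs-stdlib if the installed version provides them. Separately, because augeas only sets the nodes listed, any extra `pre-up`/`post-up` line already present under the `bat0` stanza is kept, where the old `content =>` template would have overwritten it. ifupdown runs these hooks as root at interface bring-up, so it is worth deciding whether that drift is acceptable or whether the stanza should be cleared before the `set` lines. The class body and the resource chain continue past the visible section.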