diff options
Diffstat (limited to 'puomi-installer-playbook.yml')
-rw-r--r-- | puomi-installer-playbook.yml | 126 |
1 files changed, 0 insertions, 126 deletions
diff --git a/puomi-installer-playbook.yml b/puomi-installer-playbook.yml deleted file mode 100644 index eb80b5b..0000000 --- a/puomi-installer-playbook.yml +++ /dev/null @@ -1,126 +0,0 @@ -# Ansible playbook for installing a router. - -- hosts: image - pre_tasks: - - name: "add contrib and non-free to APT sources" - apt_repository: - repo: "deb http://deb.debian.org/debian bullseye contrib non-free" - - - name: "install software" - apt: - name: - - hostapd - - firmware-iwlwifi - - haveged - - bridge-utils - - man - - ferm - - dnsmasq - - bind9-dnsutils - - locales-all - - - name: "configure dnsmasq for .d support" - lineinfile: - path: /etc/dnsmasq.conf - regexp: ^conf-dir - line: "conf-dir=/etc/dnsmasq.d/,*.conf" - - - name: "configure dnsmasq for router" - copy: - content: | - dhcp-range=10.1.1.10,10.1.1.250,255.255.255.0,1h - host-record=puomi,10.1.1.1 - interface=br0 - interface=lo - max-cache-ttl=30 - neg-ttl=10 - dest: /etc/dnsmasq.d/router.conf - - - name: "configure hostapd" - copy: - content: | - interface=wlan0 - bridge=br0 - driver=nl80211 - ssid={{ wifi_essid }} - country_code={{ wifi_country_code }} - hw_mode=g - ieee80211n=1 - channel=2 - macaddr_acl=0 - auth_algs=1 - ignore_broadcast_ssid=0 - wmm_enabled=1 - wpa=2 - wpa_passphrase={{ wifi_passphrase }} - wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 - wpa_pairwise=TKIP - rsn_pairwise=CCMP - dest: /etc/hostapd/hostapd.conf - - - name: "configure ferm firewall" - copy: - content: | - table filter { - chain INPUT policy ACCEPT; - chain OUTPUT policy ACCEPT; - chain FORWARD { - policy ACCEPT; - - # Printer - saddr 10.0.0.73 proto tcp DROP; - saddr 10.0.0.73 proto udp DROP; - } - } - - table nat { - chain POSTROUTING MASQUERADE; - } - dest: /etc/ferm/ferm.conf - - - name: "configure bridge device br0" - copy: - content: | - [NetDev] - Name=br0 - Kind=bridge - dest: /etc/systemd/network/br0.netdev - - - name: "add wired devices to br0" - copy: - content: | - [Match] - Name=eth[^0]* - - [Network] - Bridge=br0 - dest: /etc/systemd/network/wired.network - - - name: "configure br0 to provide DHCP and NAT" - copy: - content: | - [Match] - Name=br0 - - [Network] - Address=10.1.1.1/24 - DHCPServer=false - IPMasquerade=true - ConfigureWithoutCarrier=true - dest: /etc/systemd/network/br0.network - - vars: - ansible_python_interpreter: /usr/bin/python3 - - sane_debian_system_version: 2 - sane_debian_system_codename: bullseye - sane_debian_system_timezone: Europe/Helsinki - sane_debian_system_sources_lists: - - repo: | - deb http://deb.debian.org/debian bullseye contrib non-free - - unix_users_version: 2 - - wifi_essid: Valkama2 - wifi_country_code: FI - wifi_passphrase: Oomam2ah |