commit c7e9c5f5b9f5ccac12f8c6c5f4d2c28d9c9ab626 Author: Martin Kennedy Date: Mon Jul 25 22:28:57 2022 -0400 labb-wifi: initial commit To set up WiFi: ```sh ap -D -i inventory.yml wireless-setup.yml -e @default_vars.yml --ask-vault-pass ``` diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b25c15b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*~ diff --git a/ansible.cfg b/ansible.cfg new file mode 100644 index 0000000..f32d00f --- /dev/null +++ b/ansible.cfg @@ -0,0 +1,3 @@ +[ssh_connection] +scp_if_ssh: true +scp_extra_args: "-O" diff --git a/authorized_keys b/authorized_keys new file mode 100644 index 0000000..c508951 --- /dev/null +++ b/authorized_keys @@ -0,0 +1,2 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbIPttWTNZohBWQhMRkmubSlzEsLR7QFJyVxrX7FPKpIF90i7KN1X+QqjfxXTJMgWXAAaar+WRsABlj5a29rHVOcwniw2zgd+ptWKmVXp8JQI15B0l8xfMWJ+iF6AwJAjVVG2USgH0u3DQTfoEd7wDzVTqj37GVlxKWT+kr1oYI/qBpA4BZr9+4IA/ZpJkHKdBSAwv7kGas3v/r/TQQwga5rfnbGlFdDgBDI7KFZ0ShMjuaYJ3P3GcPwW7g5iE3t76my4o1PVRacNaxnthAtwdMk+5jU6nDZJE3yT8NPdSYSMcLoFlZJ/YmCh8A9S2VJ5vfMkYhLQGUCDhPa+er/X46vzatWeNlChBQ3/oa8nRQVNTr6kL8wkcGiOw0qBRMoXB34jcmR6U4z5aXtNdC4lqzE+UPgu8A1Ar3CVN1k5X8ZMadl+imqPtGYbOkmN4Nlz6nOO39TaXZF0+KIwclGOiAZuZcfmrnP0DNIR3RN1LAFVpxELjNZRxEpPoFj5yNM8zwL8GIyH4wLM5YZRmwq4xvw4uvC86wsmwEp1gx29JN02MEN7exbns2WWF/FcgAaFzdAq+bRhJ1Q3bZ7ko537yCBQF8CncXcUBJZK/Lwh1rXDXa0ZaQ05DCmm7HrdgsD7WMmyKwWFA97z1KXUCyBB5jBsIUGUBwVJ0Vty17rrRbQ== mkennedy@mkennedy-T480s +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEysezzehXkUOm8u8nXP+YloSE8JpKYevCslao5tB2l root@neo diff --git a/default_vars.yml b/default_vars.yml new file mode 100644 index 0000000..1507028 --- /dev/null +++ b/default_vars.yml @@ -0,0 +1,76 @@ +wifi_iface: + + default: &default_wifi_iface + ssid: 'OpenWrt' + mode: 'ap' + encryption: 'psk2' + key: 'password' + disassoc_low_ack: '0' + skip_inactivity_poll: '1' + + labb_default: &default_wifi_iface_labb + <<: *default_wifi_iface + ssid: 'Laboratory B' + + vgo2: + <<: *default_wifi_iface + ssid: 'Vermont Green Offices 2G' + network: 'vgolan' + key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63626332663164663666656466373031633564663435646531663331666262626265656335646364 + 6538626639643564653331313232336330336265303562370a333061613737343263333364616539 + 66316130633532313962633335663639346161373030373736626430623164343563653031356235 + 6632333462623266300a666532373662303661666231303937326138663634623139326563623334 + 3735 + + vgo5: + <<: *default_wifi_iface + ssid: 'Vermont Green Offices 5G' + network: 'vgolan' + key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63626332663164663666656466373031633564663435646531663331666262626265656335646364 + 6538626639643564653331313232336330336265303562370a333061613737343263333364616539 + 66316130633532313962633335663639346161373030373736626430623164343563653031356235 + 6632333462623266300a666532373662303661666231303937326138663634623139326563623334 + 3735 + + labb: + <<: *default_wifi_iface + ssid: 'Laboratory B' + network: 'lan' + key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 64626336363839393430386532656139316433643266373463666463613138353266316330366261 + 3366663933383030326637386135306531396266646233310a313466353639356561616361303332 + 36356631346334636438316464356561373336653034313037666236386232316231393831353431 + 3163343464646535370a636331383863653137646636343831643961633633333536393539643861 + 62326536343964333331653966663931313438333161626533393235373232626265 + +wifi_device: + + default: &default_wifi_device + channel: auto + country: US + disabled: 0 + + qca9880_5: + <<: *default_wifi_device + band: 5g + htmode: VHT80 + + ath9k_2: + <<: *default_wifi_device + band: 2g + htmode: HT20 + + ath9k_5: &ath9k_5 + <<: *default_wifi_device + band: 5g + htmode: HT40 + +device: + + ethbridge: + type: bridge diff --git a/inventory.yml b/inventory.yml new file mode 100644 index 0000000..703a88f --- /dev/null +++ b/inventory.yml @@ -0,0 +1,105 @@ +openwrt: + hosts: + ap3825i2.lan: + network: + device: + - name: br-lan + type: bridge + ports: + - eth0 + - eth1 + + - name: br-vgolan + type: bridge + ports: + - eth0.2 + + interface: + - key: lan + device: br-lan + proto: dhcp + + - key: vgolan + device: br-vgolan + proto: dhcp + + wireless: + wifi_device: + - name: radio0 + path: ffe0a000.pcie/pcia000:02/a000:02:00.0/a000:03:00.0 + template: qca9880_5 + + - name: radio1 + path: ffe09000.pcie/pci9000:00/9000:00:00.0/9000:01:00.0 + template: ath9k_2 + + wifi_iface: + - ifname: vgo2 + device: radio1 + template: vgo2 + disabled: 1 + + - ifname: vgo5 + device: radio0 + template: vgo5 + disabled: 1 + + - ifname: labb2 + device: radio1 + template: labb + + - ifname: labb5 + device: radio0 + template: labb + + ap3825i3.lan: + network: + device: + - name: br-lan + type: bridge + ports: + - eth0 + + - name: br-vgolan + type: bridge + ports: + - eth0.2 + - eth1 + + interface: + - key: lan + device: br-lan + proto: dhcp + + - key: vgolan + device: br-vgolan + proto: dhcp + + wireless: + wifi_device: + - name: radio0 + path: ffe0a000.pcie/pcia000:02/a000:02:00.0/a000:03:00.0 + template: qca9880_5 + channel: 157 + + - name: radio1 + path: ffe09000.pcie/pci9000:00/9000:00:00.0/9000:01:00.0 + template: ath9k_2 + channel: 1 + + wifi_iface: + - ifname: vgo2 + device: radio1 + template: vgo2 + + - ifname: vgo5 + device: radio0 + template: vgo5 + + - ifname: labb2 + device: radio1 + template: labb + + - ifname: labb5 + device: radio0 + template: labb diff --git a/wireless-setup.yml b/wireless-setup.yml new file mode 100644 index 0000000..b6d4717 --- /dev/null +++ b/wireless-setup.yml @@ -0,0 +1,71 @@ +- hosts: openwrt + roles: + - gekmihesg.openwrt + tasks: + + - name: Setup network devices + uci: + command: section + config: network + type: device + find_by: + name: "{{ item.name }}" + value: + type: "{{ item.type }}" + ports: "{{ item.ports }}" + loop: "{{ network['device'] }}" + + - name: Setup network interfaces + uci: + command: section + config: network + type: interface + name: "{{ item.key }}" + value: + device: "{{ item.device }}" + proto: "{{ item.proto }}" + loop: "{{ network['interface'] }}" + + - name: commit changes + uci: + command: commit + key: network + notify: restart network + + - name: Setup wireless devices (radios) + uci: + command: section + config: wireless + type: wifi-device + find_by: + path: "{{ item.path }}" + value: + band: "{{ item.band | default(wifi_device[item.template].band) }}" + channel: "{{ item.channel | default(wifi_device[item.template].channel) }}" + country: "{{ item.country | default(wifi_device[item.template].country) }}" + disabled: "{{ item.disabled | default(wifi_device[item.template].disabled) }}" + htmode: "{{ item.htmode | default(wifi_device[item.template].htmode) }}" + loop: "{{ wireless['wifi_device'] }}" + + - name: Setup wireless ifaces (VIFs) + uci: + command: section + config: wireless + type: wifi-iface + find: + ifname: "{{ item.ifname | default(wifi_iface[item.template].ifname) | default('') }}" + value: + ifname: "{{ item.ifname | default(wifi_iface[item.template].ifname) | default('') }}" + device: "{{ item.device | default(wifi_iface[item.template].device) }}" + network: "{{ item.network | default(wifi_iface[item.template].network) }}" + ssid: "{{ item.ssid | default(wifi_iface[item.template].ssid) }}" + encryption: "{{ item.encryption | default(wifi_iface[item.template].encryption) }}" + key: "{{ item.key | default(wifi_iface[item.template].key) }}" + disabled: "{{ item.disabled | default(wifi_iface[item.template].disabled) | default(0) }}" + loop: "{{ wireless['wifi_iface'] }}" + + - name: commit changes + uci: + command: commit + key: wireless + notify: reload wifi