labb-wifi: initial commit

To set up WiFi: ```sh ap -D -i inventory.yml wireless-setup.yml -e @default_vars.yml --ask-vault-pass ```
2022-07-25 22:28:57 -04:00 · 2022-07-25 22:28:57 -04:00 · c7e9c5f5b9
commit c7e9c5f5b9
6 changed files with 258 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+*~
--- a/ansible.cfg
+++ b/ansible.cfg
@ -0,0 +1,3 @@
+[ssh_connection]
+scp_if_ssh: true
+scp_extra_args: "-O"
--- a/2
+++ b/2
@ -0,0 +1,2 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDbIPttWTNZohBWQhMRkmubSlzEsLR7QFJyVxrX7FPKpIF90i7KN1X+QqjfxXTJMgWXAAaar+WRsABlj5a29rHVOcwniw2zgd+ptWKmVXp8JQI15B0l8xfMWJ+iF6AwJAjVVG2USgH0u3DQTfoEd7wDzVTqj37GVlxKWT+kr1oYI/qBpA4BZr9+4IA/ZpJkHKdBSAwv7kGas3v/r/TQQwga5rfnbGlFdDgBDI7KFZ0ShMjuaYJ3P3GcPwW7g5iE3t76my4o1PVRacNaxnthAtwdMk+5jU6nDZJE3yT8NPdSYSMcLoFlZJ/YmCh8A9S2VJ5vfMkYhLQGUCDhPa+er/X46vzatWeNlChBQ3/oa8nRQVNTr6kL8wkcGiOw0qBRMoXB34jcmR6U4z5aXtNdC4lqzE+UPgu8A1Ar3CVN1k5X8ZMadl+imqPtGYbOkmN4Nlz6nOO39TaXZF0+KIwclGOiAZuZcfmrnP0DNIR3RN1LAFVpxELjNZRxEpPoFj5yNM8zwL8GIyH4wLM5YZRmwq4xvw4uvC86wsmwEp1gx29JN02MEN7exbns2WWF/FcgAaFzdAq+bRhJ1Q3bZ7ko537yCBQF8CncXcUBJZK/Lwh1rXDXa0ZaQ05DCmm7HrdgsD7WMmyKwWFA97z1KXUCyBB5jBsIUGUBwVJ0Vty17rrRbQ== mkennedy@mkennedy-T480s
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEysezzehXkUOm8u8nXP+YloSE8JpKYevCslao5tB2l root@neo
--- a/default_vars.yml
+++ b/default_vars.yml
@ -0,0 +1,76 @@
+wifi_iface:
+
+  default: &default_wifi_iface
+    ssid: 'OpenWrt'
+    mode: 'ap'
+    encryption: 'psk2'
+    key: 'password'
+    disassoc_low_ack: '0'
+    skip_inactivity_poll: '1'
+
+  labb_default: &default_wifi_iface_labb
+    <<: *default_wifi_iface
+    ssid: 'Laboratory B'
+
+  vgo2:
+    <<: *default_wifi_iface
+    ssid: 'Vermont Green Offices 2G'
+    network: 'vgolan'
+    key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          63626332663164663666656466373031633564663435646531663331666262626265656335646364
+          6538626639643564653331313232336330336265303562370a333061613737343263333364616539
+          66316130633532313962633335663639346161373030373736626430623164343563653031356235
+          6632333462623266300a666532373662303661666231303937326138663634623139326563623334
+          3735
+
+  vgo5:
+    <<: *default_wifi_iface
+    ssid: 'Vermont Green Offices 5G'
+    network: 'vgolan'
+    key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          63626332663164663666656466373031633564663435646531663331666262626265656335646364
+          6538626639643564653331313232336330336265303562370a333061613737343263333364616539
+          66316130633532313962633335663639346161373030373736626430623164343563653031356235
+          6632333462623266300a666532373662303661666231303937326138663634623139326563623334
+          3735
+
+  labb:
+    <<: *default_wifi_iface
+    ssid: 'Laboratory B'
+    network: 'lan'
+    key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          64626336363839393430386532656139316433643266373463666463613138353266316330366261
+          3366663933383030326637386135306531396266646233310a313466353639356561616361303332
+          36356631346334636438316464356561373336653034313037666236386232316231393831353431
+          3163343464646535370a636331383863653137646636343831643961633633333536393539643861
+          62326536343964333331653966663931313438333161626533393235373232626265
+
+wifi_device:
+
+  default: &default_wifi_device
+    channel: auto
+    country: US
+    disabled: 0
+
+  qca9880_5:
+    <<: *default_wifi_device
+    band: 5g
+    htmode: VHT80
+
+  ath9k_2:
+    <<: *default_wifi_device
+    band: 2g
+    htmode: HT20
+
+  ath9k_5: &ath9k_5
+    <<: *default_wifi_device
+    band: 5g
+    htmode: HT40
+
+device:
+
+  ethbridge:
+    type: bridge
--- a/inventory.yml
+++ b/inventory.yml
@ -0,0 +1,105 @@
+openwrt:
+  hosts:
+    ap3825i2.lan:
+      network:
+        device:
+        - name: br-lan
+          type: bridge
+          ports:
+          - eth0
+          - eth1
+
+        - name: br-vgolan
+          type: bridge
+          ports:
+          - eth0.2
+
+        interface:
+        - key: lan
+          device: br-lan
+          proto: dhcp
+
+        - key: vgolan
+          device: br-vgolan
+          proto: dhcp
+
+      wireless:
+        wifi_device:
+        - name: radio0
+          path: ffe0a000.pcie/pcia000:02/a000:02:00.0/a000:03:00.0
+          template: qca9880_5
+
+        - name: radio1
+          path: ffe09000.pcie/pci9000:00/9000:00:00.0/9000:01:00.0
+          template: ath9k_2
+
+        wifi_iface:
+        - ifname: vgo2
+          device: radio1
+          template: vgo2
+          disabled: 1
+
+        - ifname: vgo5
+          device: radio0
+          template: vgo5
+          disabled: 1
+
+        - ifname: labb2
+          device: radio1
+          template: labb
+
+        - ifname: labb5
+          device: radio0
+          template: labb
+
+    ap3825i3.lan:
+      network:
+        device:
+        - name: br-lan
+          type: bridge
+          ports:
+          - eth0
+
+        - name: br-vgolan
+          type: bridge
+          ports:
+          - eth0.2
+          - eth1
+
+        interface:
+        - key: lan
+          device: br-lan
+          proto: dhcp
+
+        - key: vgolan
+          device: br-vgolan
+          proto: dhcp
+
+      wireless:
+        wifi_device:
+        - name: radio0
+          path: ffe0a000.pcie/pcia000:02/a000:02:00.0/a000:03:00.0
+          template: qca9880_5
+          channel: 157
+
+        - name: radio1
+          path: ffe09000.pcie/pci9000:00/9000:00:00.0/9000:01:00.0
+          template: ath9k_2
+          channel: 1
+
+        wifi_iface:
+        - ifname: vgo2
+          device: radio1
+          template: vgo2
+
+        - ifname: vgo5
+          device: radio0
+          template: vgo5
+
+        - ifname: labb2
+          device: radio1
+          template: labb
+
+        - ifname: labb5
+          device: radio0
+          template: labb
--- a/wireless-setup.yml
+++ b/wireless-setup.yml
@ -0,0 +1,71 @@
+- hosts: openwrt
+  roles:
+    - gekmihesg.openwrt
+  tasks:
+
+    - name: Setup network devices
+      uci:
+        command: section
+        config: network
+        type: device
+        find_by:
+          name: "{{ item.name }}"
+        value:
+          type: "{{ item.type }}"
+          ports: "{{ item.ports }}"
+      loop: "{{ network['device'] }}"
+
+    - name: Setup network interfaces
+      uci:
+        command: section
+        config: network
+        type: interface
+        name: "{{ item.key }}"
+        value:
+          device: "{{ item.device }}"
+          proto: "{{ item.proto }}"
+      loop: "{{ network['interface'] }}"
+
+    - name: commit changes
+      uci:
+        command: commit
+        key: network
+      notify: restart network
+
+    - name: Setup wireless devices (radios)
+      uci:
+        command: section
+        config: wireless
+        type: wifi-device
+        find_by:
+          path: "{{ item.path }}"
+        value:
+          band: "{{ item.band | default(wifi_device[item.template].band) }}"
+          channel: "{{ item.channel | default(wifi_device[item.template].channel) }}"
+          country: "{{ item.country | default(wifi_device[item.template].country) }}"
+          disabled: "{{ item.disabled | default(wifi_device[item.template].disabled) }}"
+          htmode: "{{ item.htmode | default(wifi_device[item.template].htmode) }}"
+      loop: "{{ wireless['wifi_device'] }}"
+
+    - name: Setup wireless ifaces (VIFs)
+      uci:
+        command: section
+        config: wireless
+        type: wifi-iface
+        find:
+          ifname: "{{ item.ifname | default(wifi_iface[item.template].ifname) | default('') }}"
+        value:
+          ifname: "{{ item.ifname | default(wifi_iface[item.template].ifname) | default('') }}"
+          device: "{{ item.device | default(wifi_iface[item.template].device) }}"
+          network: "{{ item.network | default(wifi_iface[item.template].network) }}"
+          ssid: "{{ item.ssid | default(wifi_iface[item.template].ssid) }}"
+          encryption: "{{ item.encryption | default(wifi_iface[item.template].encryption) }}"
+          key: "{{ item.key | default(wifi_iface[item.template].key) }}"
+          disabled: "{{ item.disabled | default(wifi_iface[item.template].disabled) | default(0) }}"
+      loop: "{{ wireless['wifi_iface'] }}"
+
+    - name: commit changes
+      uci:
+        command: commit
+        key: wireless
+      notify: reload wifi