forked from Freifunk-Nord/nord-puppet-config
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathmanifest.pp
62 lines (52 loc) · 2.35 KB
/
manifest.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
class { 'ffnord::params':
router_id => "10.187.103.1", # The id of this router, probably the ipv4 address
# of the mesh device of the providing community
icvpn_as => "65187", # The as of the providing community
wan_devices => ['eth0'], # An array of devices which should be in the wan zone
wmem_default => 87380, # Define the default socket send buffer
wmem_max => 12582912, # Define the maximum socket send buffer
rmem_default => 87380, # Define the default socket recv buffer
rmem_max => 12582912, # Define the maximum socket recv buffer
gw_control_ips => "8.8.8.8", # Define target to ping against for function check
max_backlog => 5000, # Define the maximum packages in buffer
include_bird4 => false,
maintenance => 0,
batman_version => 15, # B.A.T.M.A.N. adv version
}
# aus https://github.com/ffnord/site-nord/blob/master/site.conf
# und https://github.com/freifunk/icvpn-meta/blob/master/nord
ffnord::mesh { 'mesh_ffnord':
mesh_name => "Freifunk Kreis Steinburg"
, mesh_code => "ffnord"
, mesh_as => "65187"
, mesh_mac => "de:ed:be:ef:ff:01"
, vpn_mac => "de:ed:be:ff:ff:01"
, mesh_ipv6 => "fd42:eb49:c0b5:4242::fc01/64"
, mesh_ipv4 => "10.187.103.1/17"
, range_ipv4 => "10.187.0.0/16"
, mesh_mtu => "1312"
, mesh_peerings => "/opt/nord-iz-puppet-config/mesh_peerings.yaml"
, fastd_secret => "/root/nord-iz-gw01-fastd-secret.key"
, fastd_port => 10050
, fastd_peers_git => 'https://github.com/Freifunk-IZ/nord-iz-gw-peers.git'
, fastd_verify=> 'true' # set this to 'true' to accept all fastd keys without verification
, dhcp_ranges => ['10.187.103.2 10.187.105.254']
, dns_servers => ['10.187.103.1'] # should be the same as $router_id
}
class {'ffnord::vpn::provider::hideio':
openvpn_server => "$$$",
openvpn_port => 3478,
openvpn_user => "$$$",
openvpn_password => "$$$";
}
ffnord::named::zone {
"nord": zone_git => "https://github.com/Freifunk-IZ/nord-iz-zone.git", exclude_meta => 'nord';
}
class {
['ffnord::etckeeper','ffnord::rsyslog','ffnord::mosh']:
}
# Useful packages
package {
['vim','tcpdump','dnsutils','realpath','screen','htop','mlocate','tig','unattended-upgrades','tmux','sshguard']:
ensure => installed;
}