don't force roaming on iot wifi

[noc.git] / ansible / group_vars / accesspoints / main.yml

diff --git a/ansible/group_vars/accesspoints/main.yml b/ansible/group_vars/accesspoints/main.yml
index 321c855..a06696e 100644 (file)
--- a/ansible/group_vars/accesspoints/main.yml
+++ b/ansible/group_vars/accesspoints/main.yml
@@ -1,5 +1,5 @@
 ---
-ssh_root_users:
+ssh_users_root:
   - equinox
   - nicoo
 
@@ -15,17 +15,23 @@ accesspoint_wifi_channels:
 
 accesspoint_zones:
   iot:
-    ssid: "TEST realstuff"
+    ssid: "realstuff"
     encryption: "psk2"
     key: "{{ vault_accesspoint_zones.iot.key }}"
   guests:
-    ssid: "TEST realraum"
+    ssid: "realraum"
     encryption: "psk2"
     key: "{{ vault_accesspoint_zones.guests.key }}"
+    extra_options:
+      disassoc_low_ack: '1'
+      rsn_preauth: '1'
   # members:
-  #   ssid: "TEST r3members"
+  #   ssid: "r3members"
   #   encryption: "psk2"
   #   key: "{{ vault_accesspoint_zones.members.key }}"
+  #   extra_options:
+  #     disassoc_low_ack: '1'
+  #     rsn_preauth: '1'
 
 
 
@@ -113,11 +119,12 @@ accesspoint_wireless_ifaces_yaml: |
       device: 'radio{{ item.freq }}'
       network: '{{ zone }}'
       mode: 'ap'
-      disassoc_low_ack: '1'
-      rsn_preauth: '1'
       ssid: '{{ accesspoint_zones[zone].ssid }}{{ item.ssid }}'
       encryption: '{{ accesspoint_zones[zone].encryption }}'
       key: '{{ accesspoint_zones[zone].key }}'
+  {%     for opt, val in (accesspoint_zones[zone].extra_options | default({}) ).items() %}
+      {{ opt }}: '{{ val }}'
+  {%     endfor %}
   {%   endfor %}
   {% endfor %}
 
@@ -145,10 +152,7 @@ openwrt_mixin:
       net.ipv6.conf.all.forwarding=0
 
   /etc/dropbear/authorized_keys:
-    content: |-
-      {% for key in ssh_keys_root %}
-      {{ key }}
-      {% endfor %}
+    content: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}\n"
 
   /etc/htoprc:
     file: "{{ global_files_dir }}/common/htoprc"