---
+ssh_users_root:
+ - equinox
+ - nicoo
+
accesspoint_wifi_channels:
2.4g:
ap0: 3
accesspoint_zones:
iot:
- ssid: "TEST realstuff"
+ ssid: "realstuff"
encryption: "psk2"
key: "{{ vault_accesspoint_zones.iot.key }}"
guests:
- ssid: "TEST realraum"
+ ssid: "realraum"
encryption: "psk2"
key: "{{ vault_accesspoint_zones.guests.key }}"
+ extra_options:
+ disassoc_low_ack: '1'
+ rsn_preauth: '1'
# members:
- # ssid: "TEST r3members"
+ # ssid: "r3members"
# encryption: "psk2"
# key: "{{ vault_accesspoint_zones.members.key }}"
+ # extra_options:
+ # disassoc_low_ack: '1'
+ # rsn_preauth: '1'
## * https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/
## * https://gist.github.com/lg/998d3e908d547bd9972a6bb604df377b
accesspoint_wireless_ifaces: "{{ accesspoint_wireless_ifaces_yaml | from_yaml }}"
+accesspoint_wireless_types:
+ - { name: only, ssid: 2.4, freq: 2g4 }
+ - { name: only, ssid: 5, freq: 5g }
+ - { name: '', ssid: '', freq: 2g4 }
+ - { name: '', ssid: '', freq: 5g }
accesspoint_wireless_ifaces_yaml: |
- {% for item in accesspoint_zones.keys() %}
- - name: wifi-iface '{{ item }}2g4only'
- options:
- device: 'radio2g4'
- network: '{{ item }}'
- mode: 'ap'
- disassoc_low_ack: '1'
- rsn_preauth: '1'
- ssid: '{{ accesspoint_zones[item].ssid }}2.4'
- encryption: '{{ accesspoint_zones[item].encryption }}'
- key: '{{ accesspoint_zones[item].key }}'
-
- - name: wifi-iface '{{ item }}5gonly'
- options:
- device: 'radio5g'
- network: '{{ item }}'
- mode: 'ap'
- disassoc_low_ack: '1'
- rsn_preauth: '1'
- ssid: '{{ accesspoint_zones[item].ssid }}5'
- encryption: '{{ accesspoint_zones[item].encryption }}'
- key: '{{ accesspoint_zones[item].key }}'
-
- - name: wifi-iface '{{ item }}2g4'
+ {% for zone in accesspoint_zones.keys() %}
+ {% for item in accesspoint_wireless_types %}
+ - name: wifi-iface '{{ zone }}{{ item.freq }}{{ item.name }}'
options:
- device: 'radio2g4'
- network: '{{ item }}'
+ device: 'radio{{ item.freq }}'
+ network: '{{ zone }}'
mode: 'ap'
- disassoc_low_ack: '1'
- rsn_preauth: '1'
- ssid: '{{ accesspoint_zones[item].ssid }}'
- encryption: '{{ accesspoint_zones[item].encryption }}'
- key: '{{ accesspoint_zones[item].key }}'
-
- - name: wifi-iface '{{ item }}5g'
- options:
- device: 'radio5g'
- network: '{{ item }}'
- mode: 'ap'
- disassoc_low_ack: '1'
- rsn_preauth: '1'
- ssid: '{{ accesspoint_zones[item].ssid }}'
- encryption: '{{ accesspoint_zones[item].encryption }}'
- key: '{{ accesspoint_zones[item].key }}'
+ ssid: '{{ accesspoint_zones[zone].ssid }}{{ item.ssid }}'
+ encryption: '{{ accesspoint_zones[zone].encryption }}'
+ key: '{{ accesspoint_zones[zone].key }}'
+ {% for opt, val in (accesspoint_zones[zone].extra_options | default({}) ).items() %}
+ {{ opt }}: '{{ val }}'
+ {% endfor %}
+ {% endfor %}
{% endfor %}
net.ipv6.conf.all.forwarding=0
/etc/dropbear/authorized_keys:
- content: |-
- {% for key in noc_ssh_keys %}
- {{ key }}
- {% endfor %}
+ content: "{{ ssh_users_root | user_ssh_keys(users) | join('\n') }}\n"
- /root/.config/htop/htoprc:
- content: |
- # Beware! This file is rewritten by htop when settings are changed in the interface.
- # The parser is also very primitive, and not human-friendly.
- fields=0 48 17 18 38 39 40 2 46 47 49 1
- sort_key=46
- sort_direction=1
- hide_threads=0
- hide_kernel_threads=1
- hide_userland_threads=0
- shadow_other_users=0
- show_thread_names=0
- show_program_path=1
- highlight_base_name=1
- highlight_megabytes=1
- highlight_threads=1
- tree_view=1
- header_margin=1
- detailed_cpu_time=0
- cpu_count_from_zero=0
- update_process_names=0
- account_guest_in_cpu_meter=0
- color_scheme=0
- delay=15
- left_meters=AllCPUs Memory Swap
- left_meter_modes=1 1 1
- right_meters=Tasks LoadAverage Uptime
- right_meter_modes=2 2 2
+ /etc/htoprc:
+ file: "{{ global_files_dir }}/common/htoprc"
openwrt_uci:
projects / noc.git / blobdiff