router.au configs

2024-09-06 16:52:04 +02:00 · 2024-09-06 16:52:04 +02:00 · d692bd63e6
commit d692bd63e6
9 changed files with 275 additions and 0 deletions
--- a/hamstercage.yaml
+++ b/hamstercage.yaml
@ -0,0 +1,52 @@
+hosts:
+  vvmau.vvm.zs64.net:
+    tags:
+    - all
+    - freebsd
+    - router.au
+tags:
+  all:
+    description: files that apply to all hosts
+  freebsd: {}
+  router.au:
+    entries:
+      /etc/rc.conf:
+        group: wheel
+        mode: 0o644
+        owner: root
+        type: file
+      /home/stb/update-webcams/webcams.ini:
+        group: wheel
+        mode: 0o644
+        owner: stb
+        type: file
+      /usr/local/etc/dnsmasq.conf:
+        group: wheel
+        mode: 0o644
+        owner: root
+        type: file
+      /usr/local/etc/mpd5/mpd.conf:
+        group: wheel
+        mode: 0o644
+        owner: root
+        type: file
+      /usr/local/etc/mpd5/mpd.secret:
+        group: wheel
+        mode: 0o600
+        owner: root
+        type: file
+      /usr/local/etc/mpd5/telekom-up.sh:
+        group: wheel
+        mode: 0o755
+        owner: root
+        type: file
+      /usr/local/etc/mpd5/telekom-up.sh~:
+        group: wheel
+        mode: 0o755
+        owner: root
+        type: file
+      /usr/local/etc/mpd5/telekom.down.sh:
+        group: wheel
+        mode: 0o755
+        owner: root
+        type: file
--- a/tags/router.au/etc/rc.conf
+++ b/tags/router.au/etc/rc.conf
@ -0,0 +1,54 @@
+hostname="vvmau.vvm.zs64.net"
+
+cloned_interfaces="bridge8 bridge104 bridge105"
+vlans_igb0="2 3 6 7 8 104 105"
+
+create_args_bridge8="ether 02:00:00:00:03:68 addm igb0.8"
+create_args_bridge104="ether 02:00:00:00:03:68"
+create_args_bridge105="ether 02:00:00:00:03:69"
+ifconfig_bridge8_name="br8"
+ifconfig_bridge104_name="br104"
+ifconfig_bridge105_name="br105"
+ifconfig_br104_descr="Freifunk Suedholstein Clients"
+ifconfig_br105_descr="Freifunk Suedholstein Mesh"
+ifconfig_br104="addm igb0.104 up"
+ifconfig_br105="addm igb0.105 up"
+
+ifconfig_igb0="up description Trunk"
+ifconfig_igb0_2="inet 44.128.0.1/26 description Infrastructure"
+ifconfig_igb0_3="inet 192.168.1.123/24 description Modem"
+ifconfig_igb0_6="inet 44.128.1.1/24 description IOT"
+ifconfig_igb0_7="inet 44.128.2.1/24 description Office"
+ifconfig_br8="inet 44.128.3.1/24 description Guest"
+ifconfig_igb0_104="up"
+ifconfig_igb0_105="up"
+#ifconfig_igb2="DHCP"
+#ifconfig_igb2_ipv6="inet6 accept_rtadv"
+ifconfig_igb2="44.128.255.1/24 description MgmtFallback"
+
+clear_tmp_enable="YES"
+dumpdev="AUTO"
+gateway_enable="YES"
+ipv6_gateway_enable="YES"
+kld_list="ng_ether pf pflog"
+
+dnsmasq_enable="YES"
+dnsmasq_flags="-i lo0,igb1,igb2,igb0.2,igb0.6,igb0.7,br8"
+lldpd_enable="YES"
+openvpn_zs64_enable="YES"
+mpd_enable="YES"
+ntpd_enable="YES"
+pf_enable="YES"
+powerd_enable="YES"
+sendmail_enable="NONE"
+sshd_enable="YES"
+tailscaled_enable="YES"
+telegraf_enable="YES"
+tinyproxy_enable="YES"
+unifi_enable="YES"
+vm_enable="YES"
+vm_dir="zfs:zroot/vms"
+vm_list="ffsh"
+#wireguard_enable="YES"
+wireguard_interfaces="wg0"
+zfs_enable="YES"
--- a/tags/router.au/home/stb/update-webcams/webcams.ini
+++ b/tags/router.au/home/stb/update-webcams/webcams.ini
@ -0,0 +1,28 @@
+[general]
+# FTP coordinates
+hostname = ftp.example.com
+username = webcam-user
+password = geheim
+url_pattern = http://{}.internal.example.com/snapshot/view0.jpg
+label_pattern = %Y-%m-%d %H:%M Lokschuppen Aumühle {}
+verbose = true
+interval = 60
+
+# Where to archive images; leave out to not archive any
+archive_dir = ./archive
+
+[Halle]
+title = Halle
+filename = vvm-wc-au-halle
+host = webcam1
+
+[Hof]
+title = Hof
+filename = vvm-wc-au-hof
+host = webcam2
+
+[Feldbahn]
+title = Feldbahn
+filename = vvm-wc-au-dachbau
+; host = webcam3
+url = http://webcam3.other.example.net/snapshot/view0.jpg
--- a/tags/router.au/usr/local/etc/dnsmasq.conf
+++ b/tags/router.au/usr/local/etc/dnsmasq.conf
@ -0,0 +1,49 @@
+no-resolv
+
+server=1.1.1.1
+server=8.8.8.8
+
+local=/lan/
+domain=lan
+
+enable-ra
+
+### DHCP ranges
+
+dhcp-authoritative
+
+# VLAN 2: 44.128.0.0/26: infrastructure like switches
+dhcp-range=44.128.0.16,44.128.0.62,255.255.255.0,24h
+dhcp-range=::1000,::2000,constructor:igb0.2,ra-stateless,ra-names
+# ???
+dhcp-range=44.128.0.77,44.128.0.126,255.255.255.0,24h
+#dhcp-range=::1000,::2000,constructor:igb0.7,ra-stateless,ra-names
+# VLAN 6: 44.128.1.0/24: IoT like ESPs, cameras
+dhcp-range=44.128.1.16,44.128.1.253,255.255.255.0,24h
+dhcp-range=::1000,::2000,constructor:igb0.6,ra-stateless,ra-names
+# VLAN 7: 44.128.2.0/24: Office, general network
+dhcp-range=44.128.2.16,44.128.2.253,255.255.255.0,24h
+dhcp-range=::1000,::2000,constructor:igb0.7,ra-stateless,ra-names
+# VLAN 8: 44.128.3.0/24: Guest
+dhcp-range=44.128.3.16,44.128.3.253,255.255.255.0,24h
+dhcp-range=::1000,::2000,constructor:igb0.8,ra-stateless,ra-names
+# Last resort: interface igb2 on the router
+dhcp-range=44.128.255.17,44.128.255.62,255.255.255.0,24h
+
+### Fixed host entries/reservations
+
+# Fritzbox 7240 as main SIP client
+dhcp-host=00:1A:4F:03:B3:06,44.128.1.2
+# Fritzbox 7240 Raum 1
+dhcp-host=00:1f:3f:d3:d2:24,44.128.1.3
+
+# Cameras
+# alt Grandstream
+#dhcp-host=00:0B:82:B7:8A:AA,44.128.1.11
+# neu reolink
+dhcp-host=ec:71:db:b4:0f:96,44.128.1.11
+dhcp-host=00:0B:82:60:BF:C0,44.128.1.12
+dhcp-host=00:0b:82:5d:87:0f,44.128.1.13
+
+# Office-Netz
+dhcp-host=00:26:18:d5:2c:23,44.128.2.2
--- a/tags/router.au/usr/local/etc/mpd5/mpd.conf
+++ b/tags/router.au/usr/local/etc/mpd5/mpd.conf
@ -0,0 +1,40 @@
+startup:
+	set user mpd-admin 3500mt admin
+	set console self 127.0.0.1 5005
+	set console open
+	set web self 44.128.0.1 5006
+	set web open
+
+default:
+	load telekom
+
+telekom:
+	create bundle static B1
+	set iface route default
+	set iface enable on-demand
+	set ipcp ranges 0.0.0.0/0 0.0.0.0/0
+	set ipcp yes req-pri-dns
+	set ipcp yes req-sec-dns
+	set bundle enable ipv6cp
+	#set iface enable nat
+	set iface enable tcpmssfix
+	set iface up-script /usr/local/etc/mpd5/telekom-up.sh
+	set iface down-script /usr/local/etc/mpd5/telekom-down.sh
+	create link static L1 pppoe
+	set link action bundle B1
+	set auth authname 0029217422425511101816990001@t-online.de
+	set link max-redial 0
+	set link mtu 1492
+	set link mru 1492
+	set link keep-alive 10 60
+	set pppoe iface igb0.3
+	set pppoe service ""
+	log +auth*
+	log +ipcp*
+	log +ipv6cp*
+	log +lcp*
+	log +link*
+	log +phys*
+	log +iface*
+	log +bund*
+	open
--- a/tags/router.au/usr/local/etc/mpd5/mpd.secret
+++ b/tags/router.au/usr/local/etc/mpd5/mpd.secret
@ -0,0 +1 @@
+0029217422425511101816990001@t-online.de	Zj70zwTX
--- a/tags/router.au/usr/local/etc/mpd5/telekom-up.sh
+++ b/tags/router.au/usr/local/etc/mpd5/telekom-up.sh
@ -0,0 +1,23 @@
+#!/bin/sh
+
+exec 2>&1 >/var/log/dsl.log
+
+echo  "$(date) \$@" $*
+
+set -xv
+
+interface="$1"
+family="$2"
+
+case $family in
+  inet)
+    ;;
+  inet6)
+    route -6 delete default
+    route -6 add default -interface ng0
+    ifconfig ng0 inet6 accept_rtadv defaultif
+    /usr/local/sbin/dhcp6c -c /usr/local/etc/dhcp6c.conf -p /var/run/dhcp6c.pid ng0
+    ;;
+esac
+
+exit 0
--- a/tags/router.au/usr/local/etc/mpd5/telekom-up.sh~
+++ b/tags/router.au/usr/local/etc/mpd5/telekom-up.sh~
@ -0,0 +1,23 @@
+#!/bin/sh
+
+exec 2>&1 >/var/log/dsl.log
+
+echo  "$(date) \$@" $*
+
+set -x
+
+interface="$1"
+family="$2"
+
+case $family in
+  inet)
+    ;;
+  inet6)
+    route -6 delete default
+    route -6 add default -interface ng0
+    ifconfig ng0 inet6 accept_rtadv defaultif
+    /usr/local/sbin/dhcp6c -c /usr/local/etc/dhcp6c.conf -p /var/run/dhcp6c.pid ng0
+    ;;
+esac
+
+exit 0
--- a/tags/router.au/usr/local/etc/mpd5/telekom.down.sh
+++ b/tags/router.au/usr/local/etc/mpd5/telekom.down.sh
@ -0,0 +1,5 @@
+#!/bin/sh
+Y=`date '+%Y%m%d-%H%M%S'`
+echo $Y "down" $* >> /var/log/dsl.log
+#
+exit 0
				`@ -0,0 +1 @@`
				`0029217422425511101816990001@t-online.de Zj70zwTX`