new task-based approach

2024-11-21 22:23:10 +01:00 · 2021-11-06 16:09:30 +01:00 · 2021-11-06 16:09:30 +01:00 · d4feb1a13f
commit d4feb1a13f
parent af2c948bd8
2 changed files with 67 additions and 17 deletions
--- a/playbook.yml
+++ b/playbook.yml
@ -6,6 +6,7 @@
 - hosts: innernet_server
  remote_user: root
  vars:
+    innernet_version: "1.5.0"
    # interface/innernet parent network name
    network_name: "fsfe"
    # 10.200.0.1 to 10.200.255.254
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@ -3,23 +3,72 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later

 ---
-# - name: Install packages
-#   apt:
-#     package:
-#       - rsync
-#       - wireguard
-#       - wireguard-tools
+- name: Install needed packages
+  apt:
+    package:
+      - cargo
+      - librust-clang-sys-dev
+      - rsync
+      - rustc
+      - rust-libsqlite3-sys # this is currenlty coming from sid
+      - wireguard
+      - wireguard-tools

-# - name: Transfer innernet-server release
-#   synchronize:
-#     src: "innernet-server_1.5.0_amd64.deb"
-#     dest: "/tmp/innernet-server.deb"
+- name: Clone from our innernet mirror
+  git:
+    repo: "https://git.fsfe.org/fsfe-system-hackers/innernet"
+    dest: "~/innernet"
+    version: "{{ innernet_version }}"

-# - name: Install innernet-server release
-#   apt: deb="/tmp/innernet-server.deb"
+- name: Build innernet-server binary from source
+  shell:
+    cmd: |
+      cargo build \
+      --release \
+      --bin innernet-server
+    chdir: "~/innernet"

- name: Copy initialisation script to server
-  template:
-    src: initialise.j2
-    dest: /root/initialise.sh
-    mode: "0755"
+- name: Create base network
+  shell: |
+    innernet-server new \
+    --network-name "{{ network_name }}" \
+    --network-cidr "{{ network_cidr }}" \
+    --external-endpoint "[{{ hostvars[inventory_hostname]['ansible_default_ipv6']['address'] }}]:{{ network_listen_port }}" \
+    --listen-port {{ network_listen_port }}
+  ignore_errors: true
+
+- name: Create CIDRs
+  shell: |
+    innernet-server add-cidr "{{ network_name }}" \
+        --parent "{{ item.parent }}" \
+        --name "{{ item.name }}" \
+        --cidr "{{ item.cidr }}" \
+        --yes
+  with_items: "{{ cidrs }}"
+  ignore_errors: true
+
+- name: Create admin peers
+  shell: |
+    innernet-server add-peer "{{ network_name }}" \
+        --name "{{ item.name }}" \
+        --cidr "{{ item.cidr }}" \
+        --admin true \
+        --save-config "{{ item.name }}.toml" \
+        --invite-expires "14d" \
+        --auto-ip \
+        --yes
+  with_items: "{{ admin_peers }}"
+  ignore_errors: true
+
+- name: Create peers
+  shell: |
+    innernet-server add-peer "{{ network_name }}" \
+        --name "{{ item.name }}" \
+        --cidr "{{ item.cidr }}" \
+        --admin false \
+        --save-config "{{ item.name }}.toml" \
+        --invite-expires "14d" \
+        --auto-ip \
+        --yes
+  with_items: "{{ peers }}"
+  ignore_errors: true