Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Push protection #1077

Merged
merged 1 commit into from
Nov 19, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
92 changes: 92 additions & 0 deletions locations/hacrafu-pici.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
---

location: hacrafu-pici
location_nice: Petershagen/Eggersdorf
latitude: 52.527648
longitude: 13.785758
contact_name: "Hacken Craften Funken e.V."
contact_nickname: "HaCraFu e.V."
contacts:
- "[email protected]"

hosts:

- hostname: hacrafu-pici-core
role: corerouter
model: "cudy_ap3000outdoor-v1"
wireless_profile: freifunk_hacrafu
openwrt_version: 24.10-SNAPSHOT

ipv6_prefix: "2001:bf7:850:1e00::/56"
# dhcp 10.248.21.64/27
# mesh5 10.31.42.109/32
# mesh2 10.31.42.110/32
# MGMT 10.31.42.111/32
# TUNNEL 10.248.23.252/31

# Disable noping
# dhcp_no_ping: false

networks:

# MESH - 5 GHz 802.11s
- vid: 20
role: mesh
name: mesh_5g
prefix: 10.31.42.109/32
ipv6_subprefix: -20
mesh_ap: hacrafu-pici-core
mesh_radio: 11a_standard
mesh_iface: mesh

# MESH - 2.4 GHz 802.11s
- vid: 21
role: mesh
name: mesh_2g
prefix: 10.31.42.110/32
ipv6_subprefix: -21
mesh_ap: hacrafu-pici-core
mesh_radio: 11g_standard
mesh_iface: mesh

# DHCP
- vid: 40
role: dhcp
inbound_filtering: false
enforce_client_isolation: false
prefix: 10.248.21.64/27
ipv6_subprefix: 0
assignments:
hacrafu-pici-core: 1

# MGMT
- vid: 42
role: mgmt
prefix: 10.31.42.111/32
gateway: 1
dns: 1
ipv6_subprefix: 1
assignments:
hacrafu-pici-core: 1

# Uplink
- vid: 50
role: uplink
untagged: true

- role: tunnel
ifname: ts_wg0
mtu: 1280
prefix: 10.248.23.252/32
wireguard_port: 51820

- role: tunnel
ifname: ts_wg1
mtu: 1280
prefix: 10.248.23.253/32
wireguard_port: 51821

# only place this ssh-keys
ssh_keys:
- comment: Tom
key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICIpPZouLOf+1WT9ylMa/9mX1dhLTy8W07Q8G5w7KKNz [email protected]