playbook: add ors-ue playbook

playbook/ors-ue.yml

+- name: a play that runs entirely on the ansible host
+  hosts: 127.0.0.1
+  connection: local
+
+  roles:
+    - ors-ue

playbook/roles/ors-ue/files/configure-sudoers

+#!/bin/bash
+mkdir -p /etc/sudoers.d
+COMMAND_LIST=("init-ue")
+PARTITION_AMOUNT="$(sed -n 's/partition_amount = \(.*\)/\1/gp' /etc/opt/slapos/slapos.cfg)"
+for c in "${COMMAND_LIST[@]}"; do
+  SLAPUSER_LINES="$(cat /etc/sudoers.d/slapuser-$c 2> /dev/null | wc -l)"
+  if [ "$SLAPUSER_LINES" != "$PARTITION_AMOUNT" ]; then
+    echo "Configuring /etc/sudoers.d/slapuser-$c..."
+    for i in $(seq 0 $(($PARTITION_AMOUNT-1))); do
+      echo "slapuser$i ALL=NOPASSWD:/opt/amarisoft/$c" >> slapuser-$c
+    done
+    mv slapuser-$c /etc/sudoers.d/
+    chmod 440 /etc/sudoers.d/slapuser-$c
+  fi
+done
+c="lteue"
+SLAPUSER_LINES="$(cat /etc/sudoers.d/slapuser-$c 2> /dev/null | wc -l)"
+AMARISOFT_PATH="/opt/amarisoft/$(ls -1 /opt/amarisoft | grep "^v[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}$" | sort | tail -n1)"
+if [ "$SLAPUSER_LINES" != "$PARTITION_AMOUNT" ]; then
+  echo "Configuring /etc/sudoers.d/slapuser-$c..."
+  for i in $(seq 0 $(($PARTITION_AMOUNT-1))); do
+    echo "slapuser$i ALL=NOPASSWD:$AMARISOFT_PATH/ue/lteue" >> slapuser-$c
+  done
+  mv slapuser-$c /etc/sudoers.d/
+  chmod 440 /etc/sudoers.d/slapuser-$c
+fi

playbook/roles/ors-ue/files/get-eth-interface

+#!/bin/bash
+cd /sys/class/net;
+for IF in $(find . -type l -printf "%f\n"); do
+  # If interface is virtual
+  if ! realpath $(readlink $IF) | grep -q "^/sys/devices/virtual"; then
+    # If interface is up
+    if [ "$(cat $IF/operstate)" = "up" ] ; then
+      echo -n $IF
+      exit
+    fi
+  fi
+done

playbook/roles/ors-ue/files/init-ue

+#!/bin/bash
+
+AMARISOFT_PATH="/opt/amarisoft/$(ls -1 /opt/amarisoft | grep "^v[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}$" | sort | tail -n1)"
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:$PATH"
+
+$AMARISOFT_PATH/ue/lte_init.sh;

playbook/roles/ors-ue/meta/main.yml

+---
+dependencies:
+  - { role: package, package_name: dnsmasq, package_state: present  }
+  - { role: package, package_name: ifupdown, package_state: present  }

playbook/roles/ors-ue/tasks/main.yml

+---
+
+  - name: Configure sudoers
+    script: configure-sudoers
+
+  - name: Copy init-ue script
+    copy: src=init-ue dest=/opt/amarisoft owner=root mode=770
+
+  - name: Configure slapos
+    lineinfile: dest=/etc/opt/slapos/slapos.cfg regexp="^create_tun(.*)" line="create_tun = False" state=present
+
+  - name: Disable ansible
+    lineinfile: dest=/etc/anacrontab regexp="^1 10 extra.playbook(.*)" line="" state=absent
+
+  - name: Get ethernet interface name
+    script: get-eth-interface
+    register: eth_interface
+
+  - name: Install ifupdown configuration
+    template:
+      src: interfaces.j2
+      dest: /etc/network/interfaces
+
+  - name: Install re6st configuration
+    template:
+      src: re6stnet.conf.j2
+      dest: /etc/re6stnet/re6stnet.conf

playbook/roles/ors-ue/templates/interfaces.j2

+auto lo
+iface lo inet loopback
+
+allow-hotplug {{ eth_interface.stdout }}:0
+iface {{ eth_interface.stdout }}:0 inet static
+        address 10.2.0.1
+        netmask 255.255.255.0
+
+source /etc/network/interfaces.d/*

playbook/roles/ors-ue/templates/re6stnet.conf.j2

+registry https://re6st-registry.nxdcdn.com/
+ca ca.crt
+cert cert.crt
+key cert.key
+verbose 3
+# enable OpenVPN logging:
+ovpnlog
+# uncomment the following 2 lines to increase OpenVPN verbosity:
+O--verb
+O3
+O--socket-flags
+O"TCP_NODELAY"
+interface ue1-pdn0
+main-interface {{ eth_interface.stdout }}
+
+B-C
+B"interface ue1-pdn0 type tunnel"
+
+max-clients 0
+client-count 0
+
+daemon "exec dnsmasq -k8 - -i {{ eth_interface.stdout }} -F ${re6stnet_subnet%/*},ra-only,$((${re6stnet_subnet#*/}>64 ? ${re6stnet_subnet#*/} : 64)),1d --port 0 -F 10.2.0.2,10.2.0.50,1d -O option:netmask,255.255.255.0 -O option:router,10.2.0.1 -O option:dns-server,1.1.1.1 -O option:ntp-server,216.239.35.0"

playbook/sha256sum

-007dcca4a3c2afdb420092f8b3c7795d2a7c1552efac2bc3635d65ddd8a01dff  -
+814d4d9bad1125791a8e3bd438e1834e79481677752d0fb540852c966ac88b2f  -