Browse Source

ansible

master
zeus 3 years ago
parent
commit
8b3677a851
  1. 354
      infrastructure-as-code/modules/ROOT/pages/index-setup.adoc

354
infrastructure-as-code/modules/ROOT/pages/index-setup.adoc

@ -1,354 +0,0 @@
= Setup
TIP: Tested on a Raspberry Pi with "Buster"
== Intro
networkd is a small and lean service to configure network interfaces, designed mostly for server use cases in a world with hotplugged and virtualized networking. Its configuration is similar in spirit and abstraction level to ifupdown, but you don't need any extra packages to configure bridges, bonds, vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is still much more appropriate for such Desktop use cases.
There are mainly three setups to have a peer to peer network:
* unprotected ad-hoc interface by configuring the WiFi device
* unprotected ad-hoc interface using wpa_supplicant (Recommended)
* Only with suitable (RSN-IBSS capable) USB dongle:
* protected ad-hoc interface using wpa_supplicant and WPA encryption (best solution if possible)
* ad-hoc interface with additional USB/WiFi dongle for uplink to internet router
== Install systemd-networkd
=== deinstall classic networking and install it!
* *sudo su* # if not already done
*deinstall*
[source,sh]
----
systemctl daemon-reload
systemctl disable --now ifupdown dhcpcd dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog
apt --autoremove purge -f ifupdown dhcpcd dhcpcd5 isc-dhcp-client isc-dhcp-common rsyslog
rm -r /etc/network /etc/dhcp
# setup/enable systemd-resolved and systemd-networkd
systemctl disable --now avahi-daemon libnss-mdns
apt --autoremove -f purge avahi-daemon
apt install -f libnss-resolve
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
apt-mark hold avahi-daemon dhcpcd dhcpcd5 ifupdown isc-dhcp-client isc-dhcp-common libnss-mdns openresolv raspberrypi-net-mods rsyslog
systemctl enable systemd-networkd.service systemd-resolved.service
----
== Install optional
[source,sh]
----
apt-get install raspberrypi-kernel-headers -y
----
=== setup wired connection
*wired connection*
[source,sh]
----
cat > /etc/systemd/network/04-wired.network <<EOF
[Match]
Name=e*
[Network]
## Uncomment only one option block
# Option: using a DHCP server and multicast DNS
LLMNR=no
LinkLocalAddressing=no
MulticastDNS=yes
DHCP=ipv4
# Option: using link-local ip addresses and multicast DNS
#LLMNR=no
#LinkLocalAddressing=yes
#MulticastDNS=yes
# Option: using static ip address and multicast DNS
Address=192.168.1.18/24 // <1>
Gateway=192.168.1.1 // <2>
DNS=8.8.8.8 1.1.1.1 // <3>
MulticastDNS=yes
EOF
----
<1> use your settings
<2> use your settings
<2> use your settings
=== Reboot
NOTE: reboot
== Config
=== NSS
*config nss*
[source,sh]
----
apt --autoremove purge avahi-daemon
apt-mark hold avahi-daemon
apt install -f libnss-resolve
echo ""
echo "For troubleshooting you may have a look at /etc/nsswitch.conf. It should contain a line like this:"
echo ""
echo "hosts: files resolve [!UNAVAIL=return] dns"
echo ""
echo ""
echo ""
echo ""
----
=== DNS
*config dns*
[source,sh]
----
echo ""
echo "Configure DNS stub listener interface"
echo ""
echo "Here we have to symlink /etc/resolv.conf to the stub listener:"
echo ""
echo " exec4you ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf"
ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
echo ""
echo "Check name resolution"
resolvectl status
----
== unprotected ad-hoc interface using wpa_supplicant
Follow *Install systemd-networkd*
Then come back here.
TIP: unprotected
* *sudo su* # if not already done
[source,sh]
----
cat > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf <<EOF
ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
update_config=1
p2p_disabled=1
country=GR
network={
ssid="IBSS-RPiNet"
frequency=2412 # channel 1
mode=1 # IBSS (ad-hoc, peer-to-peer)
key_mgmt=NONE
}
EOF
chmod 600 /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
systemctl enable wpa_supplicant@wlan0.service
echo ""
echo "enabled4you"
echo "systemctl enable wpa_supplicant@wlan0.service"
echo ""
----
=== Reboot
NOTE: Reboot
=== Check
[source,sh]
----
echo ""
echo "Check with:"
echo ""
echo "iw dev"
echo ""
echo "iw dev wlan0 link"
echo ""
echo "ip addr"
echo ""
echo "sudo iw dev wlan0 scan | grep -B8 -A3 "IBSS-RPiNet""
echo ""
# From another ad hoc connected device you should be able to
echo "From another ad hoc connected device you should be able to"
echo ""
echo "ping -c3 raspberrypi.local"
echo ""
----
== protected ad-hoc interface using wpa_supplicant
CAUTION: Raspberry Pi does not support encrypted IBSS connections!. You have to use an additional USB WiFi dongle that usually registers an interface wlan1. My setup shows:
Follow *Install systemd-networkd*
Then come back here.
*check*
[source,sh]
----
iw list | grep -P "Wiphy|RSN-IBSS"
----
*output*
[source,sh]
----
Wiphy phy1
Device supports RSN-IBSS.
Wiphy phy0
----
You cannot find this support entry for Wiphy pyh0 that is the on-board WiFi device.
=== Install driver
TIP: Example TP-Link
[source,sh]
----
echo "lsusb"
echo ""
echo "Example for TP-Link"
echo ""
echo "Bus 001 Device 005: ID 2357:0109 TP-Link TL WN823N RTL8192EU"
echo ""
sudo wget http://downloads.fars-robotics.net/wifi-drivers/install-wifi -O /usr/bin/install-wifi
sudo chmod +x /usr/bin/install-wifi
echo ""
echo "sudo install-wifi -h"
echo ""
echo "will give details on how to use the script."
echo ""
echo "To download the driver for your current kernel use command"
sudo install-wifi
echo "sudo install-wifi 8192eu"
echo ""
sudo install-wifi 8192eu
echo ""
echo "If you update your kernel version you will need to re-run the script to update the driver version."
----
NOTE: *On message: *
====
[source,sh]
----
Your Pi revision number is a02082
You have a Pi 3B v1.2
Checking for a 8188eu wifi driver module for your current kernel.
A driver does not exist for this update.
----
* Find source for driver e.g.
[source,sh]
----
git clone https://github.com/lwfinger/rtl8188eu.git
cd rtl8188eu
make all
sudo make install
sudo depmod
sudo modprobe 8188eu
lsmod 8188eu
----
====
=== setup
[source,sh]
----
sudo systemctl disable --now wpa_supplicant@wlan0.service
echo "sudo -Es # if not already done"
echo ""
cat > /etc/wpa_supplicant/wpa_supplicant-wlan1.conf <<EOF
ctrl_interface=DIR=/run/wpa_supplicant GROUP=netdev
update_config=1
p2p_disabled=1
country=GR
network={
ssid="IBSS-RPiNet"
key_mgmt=WPA-PSK
proto=RSN
psk="verySecretPasswordi123"
mode=1
frequency=2412
}
EOF
chmod 600 /etc/wpa_supplicant/wpa_supplicant-wlan1.conf
systemctl enable wpa_supplicant@wlan1.service
----
=== Reboot
NOTE: reboot
[source,sh]
----
echo ""
echo "reboot."
echo ""
----
=== Check
[source,sh]
----
echo "iw dev"
echo ""
echo "iw dev wlan1 link"
echo ""
echo "ip addr"
echo ""
echo "sudo iw dev wlan1 scan | grep -B8 -A3 "IBSS-RPiNet""
echo ""
echo "From another ad hoc connected device you should be able to"
echo ""
echo "ping -c3 raspberrypi.local"
echo ""
----
* https://raspberrypi.stackexchange.com/questions/94047/how-to-setup-an-unprotected-ad-hoc-ibss-network-and-if-possible-with-wpa-encry/94048#94048[origin^]
Loading…
Cancel
Save