更新natgw版本至v1.3.8,
更新radius_server 安装部署.
This commit is contained in:
lijia
@@ -11,13 +11,8 @@ wannat_global:
|
||||
vpn_client_ip_range: "10.10.120.2-254"
|
||||
sentry_upload_key: "e8e446bb3bd8435c97f4c01770ca7025"
|
||||
|
||||
wangw:
|
||||
NAT_GW_tunnel_device: "enp6s0"
|
||||
WAN_GW_tunnel_listen_port: 3544
|
||||
NAT_GW_tunnel_ip: "192.168.40.161"
|
||||
NAT_GW_tunnel_remote_port: 3544
|
||||
|
||||
natgw:
|
||||
device: "eth0"
|
||||
wannat_ip: "192.168.40.161"
|
||||
wannat_port: 3545
|
||||
natgw_bind_port: 3544
|
||||
@@ -36,11 +31,6 @@ wannat_global:
|
||||
max_item_number: 10000
|
||||
lru_timeout: 60
|
||||
config_src_type: "redis"
|
||||
|
||||
wiregraft:
|
||||
identification_by_which_device: "enp6s0"
|
||||
toroad_server_ip: "192.168.40.134"
|
||||
toroad_server_port: 8888
|
||||
|
||||
pptp:
|
||||
mtu: 2000
|
||||
@@ -52,7 +42,7 @@ wannat_global:
|
||||
server_ip: "192.168.44.72"
|
||||
|
||||
rpm_files:
|
||||
natgw_rpm_file: "wannat_natgw-1.3.7.5af7bbb-2.el7.x86_64.rpm"
|
||||
natgw_rpm_file: "wannat_natgw-1.3.8.ed8832d-2.el7.x86_64.rpm"
|
||||
wire_graft_rpm_file: "libwire_graft-1.3.7.b5d9a8a-2.el7.x86_64.rpm"
|
||||
toroad_rpm_file: "toroad-1.2.4.d25d72a-2.el7.x86_64.rpm"
|
||||
ppp_rpm_file: "ppp-2.4.5-34.el7_7.x86_64.rpm"
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
[all:vars]
|
||||
ansible_user=root
|
||||
install_sapp=false
|
||||
install_device_sn=false
|
||||
install_device_tag=false
|
||||
|
||||
[wangw]
|
||||
192.168.40.161
|
||||
4
readme.txt
Normal file
4
readme.txt
Normal file
@@ -0,0 +1,4 @@
|
||||
for example:
|
||||
step 1: cd wannat_ansible_script
|
||||
step 2: update deploy_env/group_vars/all.yml and deploy_env/hosts variables according to the actual environment
|
||||
step 3: ansible-playbook -i deploy_env/hosts wannat-install.yml
|
||||
Binary file not shown.
Binary file not shown.
@@ -57,6 +57,7 @@
|
||||
name: natgw
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
state: started
|
||||
|
||||
|
||||
|
||||
@@ -48,4 +48,5 @@
|
||||
name: pptpd
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
state: started
|
||||
|
||||
|
||||
@@ -106,6 +106,20 @@
|
||||
packages:
|
||||
- /tmp/xerces-c-3.1.1-10.el7_7.x86_64.rpm
|
||||
|
||||
- name: "Creates /etc/raddb"
|
||||
file:
|
||||
path: /etc/raddb
|
||||
state: directory
|
||||
|
||||
- name: "Creates /etc/raddb/mods-available"
|
||||
file:
|
||||
path: /etc/raddb/mods-available
|
||||
state: directory
|
||||
|
||||
- name: "Creates /etc/raddb/mods-enabled"
|
||||
file:
|
||||
path: /etc/raddb/mods-enabled
|
||||
state: directory
|
||||
|
||||
|
||||
- name: "Template the radiusd config file"
|
||||
@@ -113,19 +127,6 @@
|
||||
src: "{{ role_path }}/templates/radiusd.conf.j2"
|
||||
dest: /etc/raddb/radiusd.conf
|
||||
tags: template
|
||||
|
||||
- name: "create symbolic link"
|
||||
shell: ln -sf /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
|
||||
args:
|
||||
executable: /bin/bash
|
||||
tags: shell
|
||||
|
||||
- name: "chgrp file para"
|
||||
shell: chgrp -h radiusd /etc/raddb/mods-enabled/sql
|
||||
args:
|
||||
executable: /bin/bash
|
||||
tags: shell
|
||||
|
||||
|
||||
- name: "Template the radiusd.conf file"
|
||||
template:
|
||||
@@ -138,8 +139,28 @@
|
||||
src: "{{ role_path }}/templates/sql.j2"
|
||||
dest: /etc/raddb/mods-available/sql
|
||||
tags: template
|
||||
|
||||
|
||||
- name: "create symbolic link"
|
||||
shell: ln -sf /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
|
||||
args:
|
||||
warn: false
|
||||
executable: /bin/bash
|
||||
tags: shell
|
||||
|
||||
- name: "create symbolic link"
|
||||
shell: ln -sf /etc/raddb/mods-available/sqlippool /etc/raddb/mods-enabled/
|
||||
args:
|
||||
warn: false
|
||||
executable: /bin/bash
|
||||
tags: shell
|
||||
|
||||
- name: "chgrp file para"
|
||||
shell: chgrp -h radiusd /etc/raddb/mods-enabled/sql
|
||||
args:
|
||||
warn: false
|
||||
executable: /bin/bash
|
||||
tags: shell
|
||||
|
||||
- name: "Template the clients.conf file"
|
||||
template:
|
||||
src: "{{ role_path }}/templates/clients.conf.j2"
|
||||
@@ -154,14 +175,18 @@
|
||||
tags: template
|
||||
|
||||
- name: "Template the sites-available default file"
|
||||
template:
|
||||
src: "{{ role_path }}/templates/sites-available/default.j2"
|
||||
dest: /etc/raddb/sites-available/default
|
||||
tags: template
|
||||
# template:
|
||||
# src: "{{ role_path }}/templates/sites-available/default.j2"
|
||||
# dest: /etc/raddb/sites-available/default
|
||||
# tags: template
|
||||
synchronize:
|
||||
src: "{{ role_path }}/templates/sites-available/default"
|
||||
dest: "/etc/raddb/sites-available/"
|
||||
|
||||
- name: "enable radiusd service"
|
||||
systemd:
|
||||
name: radiusd
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
state: started
|
||||
|
||||
|
||||
@@ -39,3 +39,4 @@
|
||||
name: toroad
|
||||
enabled: yes
|
||||
daemon_reload: yes
|
||||
state: started
|
||||
|
||||
@@ -1,10 +1,8 @@
|
||||
---
|
||||
|
||||
- hosts: natgw
|
||||
roles:
|
||||
- libwire_graft
|
||||
- natgw
|
||||
|
||||
vars_files:
|
||||
- deploy_env/group_vars/all.yml
|
||||
|
||||
@@ -15,23 +13,24 @@
|
||||
vars_files:
|
||||
- deploy_env/group_vars/all.yml
|
||||
|
||||
|
||||
- hosts: radius_client
|
||||
roles:
|
||||
- radius_client
|
||||
|
||||
#radius server installed by bifang
|
||||
#- hosts: radius_server
|
||||
# roles:
|
||||
# - radius_server
|
||||
vars_files:
|
||||
- deploy_env/group_vars/all.yml
|
||||
|
||||
- hosts: pptpd
|
||||
roles:
|
||||
- pptpd
|
||||
vars_files:
|
||||
- deploy_env/group_vars/all.yml
|
||||
|
||||
- hosts: radius_server
|
||||
roles:
|
||||
- radius_server
|
||||
vars_files:
|
||||
- deploy_env/group_vars/all.yml
|
||||
|
||||
#- hosts: openvpn
|
||||
# roles:
|
||||
# - openvpn
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1,41 +1,76 @@
|
||||
---
|
||||
- hosts: wangw
|
||||
- hosts: toroad
|
||||
tasks:
|
||||
- name: "stop sapp service"
|
||||
service:
|
||||
name: sapp
|
||||
state: stopped
|
||||
ignore_errors: yes
|
||||
when: install_sapp | bool
|
||||
|
||||
- name: "stop toroad service"
|
||||
service:
|
||||
name: toroad
|
||||
state: stopped
|
||||
ignore_errors: yes
|
||||
|
||||
- name: "uninstall wangw plug"
|
||||
|
||||
- name: "uninstall toroad"
|
||||
yum:
|
||||
name: "libwangw"
|
||||
name: "toroad"
|
||||
state: absent
|
||||
|
||||
- name: "uninstall libwire_graft"
|
||||
yum:
|
||||
name: "libwire_graft"
|
||||
state: absent
|
||||
state: absent
|
||||
|
||||
- name: "uninstall libwire_graft-devel"
|
||||
yum:
|
||||
name: "libwire_graft-devel"
|
||||
state: absent
|
||||
|
||||
- hosts: natgw
|
||||
tasks:
|
||||
- name: "stop natgw service"
|
||||
service:
|
||||
name: natgw
|
||||
state: stopped
|
||||
ignore_errors: yes
|
||||
|
||||
- name: "uninstall toroad"
|
||||
- name: "uninstall wannat_natgw"
|
||||
yum:
|
||||
name: "toroad"
|
||||
state: absent
|
||||
name: "wannat_natgw"
|
||||
state: absent
|
||||
|
||||
- name: "uninstall libwire_graft plug"
|
||||
- hosts: radius_server
|
||||
tasks:
|
||||
- name: "stop radiusd service"
|
||||
service:
|
||||
name: radiusd
|
||||
state: stopped
|
||||
ignore_errors: yes
|
||||
|
||||
- name: "uninstall freeradius"
|
||||
yum:
|
||||
name: "libwire_graft"
|
||||
state: absent
|
||||
name: "freeradius"
|
||||
state: absent
|
||||
|
||||
- name: "uninstall freeradius-mysql"
|
||||
yum:
|
||||
name: "freeradius-mysql"
|
||||
state: absent
|
||||
|
||||
- name: "uninstall freeradius-utils"
|
||||
yum:
|
||||
name: "freeradius-utils"
|
||||
state: absent
|
||||
|
||||
|
||||
- hosts: radius_client
|
||||
tasks:
|
||||
- name: "uninstall radiusclient-ng"
|
||||
yum:
|
||||
name: "radiusclient-ng"
|
||||
state: absent
|
||||
|
||||
- hosts: pptpd
|
||||
tasks:
|
||||
- name: "stop pptpd service"
|
||||
service:
|
||||
name: pptpd
|
||||
state: stopped
|
||||
ignore_errors: yes
|
||||
|
||||
- name: "uninstall pptpd"
|
||||
yum:
|
||||
name: "pptpd"
|
||||
state: absent
|
||||
|
||||
Reference in New Issue
Block a user