Initial commit

2024-10-30 01:50:38 +01:00
commit 587ca23374
147 changed files with 7521 additions and 0 deletions
--- a/roles/wireless/README.md
+++ b/roles/wireless/README.md
@@ -0,0 +1,83 @@
+# `flyoverhead.openwrt.wireless`
+
+OpenWRT `wireless` configuration
+- configure wireless devices
+- create/delete/configure wireless interfaces
+
+## Role Variables
+
+| Variable | Descritpion | Status | Type | Example |
+| :--- | :--- | :--- | :--- | :--- |
+| `wireless_devices` | List of [wireless devices](https://openwrt.org/docs/guide-user/network/wifi/basic#wi-fi_devices) |  | `list of dictionaries` |  |
+| &emsp;`id` | Radio device ID | `mandatory` | `string` | `radio0` |
+| &emsp;`type` | Radio device type | `optional` | `string` | `mac80211` |
+| &emsp;`disabled` | Disable radio adapter | `required` | `boolean` | `0` |
+| &emsp;`channel` | Wireless channel (`integer` of `auto`) | `optional` | `string` | `auto` |
+| &emsp;`band` | Wireless band (`2g` or `5g`) | `optional` | `string` | `2g` |
+| &emsp;`htmode` | Wireless channel width | `optional` | `string` | `HT20` |
+| &emsp;`country` | Country code for adaptive channels and transmission powers | `optional` | `string` | `US` |
+| `wireless_interfaces` | List of [wireless interfaces](https://openwrt.org/docs/guide-user/network/wifi/basic#wi-fi_interfaces) |  | `list of dictionaries` |  |
+| &emsp;`id` | Unique interface ID | `mandatory` | `string` | `iot0` |
+| &emsp;`name` | Unique interface name | `mandatory` | `string` | `iot0` |
+| &emsp;`state` | Interface status (`present` or `absent`) | `required` | `string` | `present` |
+| &emsp;`device` | Radio device associated with the interface | `mandatory` | `string` | `radio0` |
+| &emsp;`network` | List of networks associated with the interface | `required` | `list` | `iot` |
+| &emsp;`mode` | Wireless interface operation mode | `required` | `string` | `ap` |
+| &emsp;`disabled` | Disable wireless network | `required` | `boolean` | `0` |
+| &emsp;`ssid` | Wireless network SSID | `required` | `string` | `OpenWrt` |
+| &emsp;`mesh_id` | ID of the mesh network (as defined in IEEE 802.11s) to join wireless interface to | `optional` | `string` | `example_mesh_id` |
+| &emsp;`hidden` | Disable broadcasting of beacon frames to hide ESSID | `optional` | `boolean` | `0` |
+| &emsp;`isolate` | Isolate wireless clients from each other | `optional` | `boolean` | `0` |
+| &emsp;`encryption` | Wireless encryption method | `required` | `string` | `psk2` |
+| &emsp;`key` | Passphrase for pre-shared key | `required` | `string` | `password` |
+| &emsp;`macfilter` | MAC filter policy (`disable`, `allow` or `deny`) | `optional` | `string` | `disable` |
+| &emsp;`maclist` | List of MAC addresses used fot MAC filter policy | `optional` | `list` | `["00:11:22:33:44:55", "55:44:33:22:11:00"]` |
+| &emsp;`ieee80211r` | Enable fast BSS transition (802.11r) support | `optional` | `boolean` | `0` |
+| &emsp;`mobility_domain` | Enable Mobility Domain identifier used to indicate a group of APs between which a STA can use fast BSS transition (will be generated automatically) | `optional` | `boolean` | `1` |
+| &emsp;`ft_over_ds` | Enable FT-over-DS | `optional` | `boolean` | `1` |
+| &emsp;`ft_psk_generate_local` | Enable local generation of FT response for PSK networks | `optional` | `boolean` | `1` |
+
+## Dependencies
+
+| Name | Description |
+| :--- | :--- |
+| `Ansible Role: openwrt` | [Ansible role by gekmihesg](https://github.com/gekmihesg/ansible-openwrt) for managing OpenWRT and derivatives |
+
+## Example Playbook
+
+```yaml
+- hosts: openwrt
+  roles:
+      - role: flyoverhead.openwrt.wireless
+```
+
+## Example Vars
+
+```yaml
+wireless_devices:
+  - id: "radio0"
+    type: "mac80211"
+    channel: "auto"
+wireless_interfaces:
+  - id: "lan0"
+    name: "lan0"
+    state: "present"
+    device: "radio0"
+    network: ["lan"]
+    mode: "ap"
+    ssid: "openwrt"
+    encryption: "psk2"
+    key: "password"
+```
+
+## License
+
+[GNU General Public License v3.0](https://www.gnu.org/licenses/gpl-3.0.txt)
+
+## Author Information
+
+fly0v3rH34D
+
+## References
+
+- https://openwrt.org/docs/guide-user/network/wifi/basic
--- a/roles/wireless/defaults/main.yml
+++ b/roles/wireless/defaults/main.yml
@@ -0,0 +1,32 @@
+---
+# device section
+wireless_devices:
+  - id: ""
+    type: ""
+    disabled: ""
+    channel: ""
+    band: ""
+    htmode: ""
+    country: ""
+
+# interface section
+wireless_interfaces:
+  - id: ""
+    name: ""
+    state: ""
+    device: ""
+    network: []
+    mode: ""
+    disabled: ""
+    ssid: ""
+    mesh_id: ""
+    hidden: ""
+    isolate: ""
+    encryption: ""
+    key: ""
+    macfilter: ""
+    maclist: []
+    ieee80211r: ""
+    mobility_domain: ""
+    ft_over_ds: ""
+    ft_psk_generate_local: ""
--- a/roles/wireless/handlers/main.yml
+++ b/roles/wireless/handlers/main.yml
@@ -0,0 +1,8 @@
+---
+# Reload wireless service
+- name: Reload wireless
+  ansible.builtin.command:
+    cmd: "/sbin/wifi {{ item }}"
+  register: reload_wifi_status
+  changed_when: reload_wifi_status != 0
+  loop: ["config", "reload"]
--- a/roles/wireless/meta/main.yml
+++ b/roles/wireless/meta/main.yml
@@ -0,0 +1,12 @@
+---
+galaxy_info:
+  author: flyoverhead
+  description: Configure wireless settings
+  license: GPL-3.0
+  min_ansible_version: "2.13"
+  platforms:
+    - name: OpenWrt
+      versions: ["22.03"]
+  galaxy_tags: ["openwrt", "wireless"]
+dependencies:
+  - role: gekmihesg.openwrt
--- a/roles/wireless/tasks/device.yml
+++ b/roles/wireless/tasks/device.yml
@@ -0,0 +1,31 @@
+---
+# # Configure wireless device
+# - name: Configure wireless device {{ item.id }}
+#   when: item.id != ""
+#   uci:
+#     command: "set"
+#     config: "wireless"
+#     section: "{{ item.id }}"
+#     type: "wifi-device"
+#     value:
+#       type: "{{ item.type | default(omit) }}"
+#       disabled: "{{ item.disabled | default(omit) }}"
+#       channel: "{{ item.channel | default(omit) }}"
+#       band: "{{ item.band | default(omit) }}"
+#       htmode: "{{ item.htmode | default(omit) }}"
+#       country: "{{ item.country | default(omit) }}"
+# Configure wireless device
+- name: Configure wireless device {{ item }}
+  uci:
+    command: "section"
+    config: "wireless"
+    section: "{{ item }}"
+    type: "wifi-device"
+    value:
+      type: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='type') | first | default(omit)) }}"
+      disabled: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='disabled') | first | default(wireless_devices_default.disabled | default(omit))) }}"
+      channel: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='channel') | first | default(omit)) }}"
+      band: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='band') | first | default(omit)) }}"
+      htmode: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='htmode') | first | default(omit)) }}"
+      country: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='country') | first | default(wireless_devices_default.country | default(omit))) }}"
+      txpower: "{{ (wireless_devices | selectattr('id', 'equalto', item) | map(attribute='txpower') | first | default(omit)) }}"
--- a/roles/wireless/tasks/interface.yml
+++ b/roles/wireless/tasks/interface.yml
@@ -0,0 +1,93 @@
+---
+# Set state status for wireless interface
+- name: Set state status for wireless interface {{ outerItem.ssid }}
+  ansible.builtin.set_fact:
+    wireless_interface_state: "{{ outerItem.state | default('present') }}"
+
+# Override wifi devices
+- name: Override wifi add devices for {{ outerItem.ssid }}
+  when: "'present' in wireless_interface_state"
+  ansible.builtin.set_fact:
+    wireless_devices_add: "{{ (wireless_interfaces_override | default() | selectattr('ssid', 'equalto', outerItem.ssid) | map(attribute='device') | list | first) | default(outerItem.device) }}"
+- name: Set wifi device del for {{ outerItem.ssid }}
+  when: "'present' in wireless_interface_state"
+  ansible.builtin.set_fact:
+    wireless_devices_del: "{{ ansible_facts.openwrt_wireless | list | difference(wireless_devices_add) | default([]) }}"
+
+# - name: test
+#   debug:
+#     msg: "{{ outerItem }}"
+#   loop: "{{ outerItem.device }}"
+
+# Delete wireless interface by name on all radios
+- name: Delete wireless interface {{ outerItem.ssid }} on all radios
+  when: "'absent' in wireless_interface_state"
+  uci:
+    command: "absent"
+    config: "wireless"
+    type: "wifi-iface"
+    find:
+      ssid: "{{ outerItem.ssid }}"
+
+# Delete wireless interface
+- name: Delete wireless interface {{ outerItem.ssid }} on radio {{ item }}
+  when: wireless_devices_del is defined and wireless_devices_del | length > 0
+  uci:
+    command: "absent"
+    config: "wireless"
+    type: "wifi-iface"
+    find:
+      ssid: "{{ outerItem.ssid }}"
+      device: "{{ item }}"
+  loop: "{{ wireless_devices_del }}"
+
+# Create and configure wireless interface
+- name: Create and configure wireless interface
+  when: "'present' in wireless_interface_state and wireless_devices_add | length > 0"
+  block:
+    # Generate mobility domain identifier
+    - name: Generate mobility domain identifier
+      ansible.builtin.command:
+        cmd: "echo -n {{ item.ssid }} | md5sum | cut -c-4"
+        uses_shell: true
+      register: mobility_domain_identifier
+      when: >
+        (mobility_domain is defined and mobility_domain == 1) and
+        (item.ssid is defined and item.ssid | length > 0)
+
+    # Configure wireless interface
+    - name: Configure wireless interface
+      uci:
+        command: "section"
+        config: "wireless"
+        type: "wifi-iface"
+        find:
+          device: "{{ item }}"
+          ssid: "{{ outerItem.ssid }}"
+        value:
+          ifname: "{{ outerItem.ifname ~ ansible_loop.index0 | default(omit) }}"
+          device: "{{ item | default(omit) }}"
+          network: "{{ outerItem.network | default([]) | join(' ') }}"
+          mode: "{{ outerItem.mode | default(omit) }}"
+          disabled: "{{ outerItem.disabled | default(omit) }}"
+          ssid: "{{ outerItem.ssid | default(omit) }}"
+          mesh_id: "{{ outerItem.mesh_id | default(omit) }}"
+          hidden: "{{ outerItem.hidden | default(omit) }}"
+          isolate: "{{ outerItem.isolate | default(omit) }}"
+          encryption: "{{ outerItem.encryption | default(omit) }}"
+          key: "{{ outerItem.key | default(omit) }}"
+          auth_server: "{{ outerItem.auth_server | default(omit) }}"
+          auth_secret: "{{ outerItem.auth_secret | default(omit) }}"
+          dynamic_vlan: "{{ outerItem.dynamic_vlan | default(omit) }}"
+          vlan_tagged_interface: "{{ outerItem.vlan_tagged_interface | default(omit) }}"
+          vlan_bridge: "{{ outerItem.vlan_bridge | default(omit) }}"
+          vlan_naming: "{{ outerItem.vlan_naming | default(omit) }}"
+          macfilter: "{{ outerItem.macfilter | default(omit) }}"
+          maclist: "{{ outerItem.maclist | default([]) | join(' ') }}"
+          ieee80211r: "{{ outerItem.ieee80211r | default(omit) }}"
+          mobility_domain: "{{ mobility_domain_identifier.stdout | default(omit) }}"
+          ft_over_ds: "{{ outerItem.ft_over_ds | default(omit) }}"
+          ft_psk_generate_local: "{{ outerItem.ft_psk_generate_local | default(omit) }}"
+      loop: "{{ wireless_devices_add }}"
+      loop_control:
+        extended: true
--- a/roles/wireless/tasks/main.yml
+++ b/roles/wireless/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+# Configure device section
+- name: Configure device section
+  ansible.builtin.include_tasks: device.yml
+  # loop: "{{ (wireless_devices | default([])) }}"
+  loop: "{{ ansible_facts.openwrt_wireless | list }}"
+
+# Configure interface section
+- name: Configure interface section
+  ansible.builtin.include_tasks: interface.yml
+  loop: "{{ wireless_interfaces | default([]) }}"
+  loop_control:
+    loop_var: outerItem
+
+# Apply changes and reload wireless service
+- name: Apply changes and reload wireless
+  uci:
+    command: commit
+  notify: Reload wireless