Merge remote-tracking branch 'origin/master'

# Conflicts: # ansible/bird.conf.j2

Merge remote-tracking branch 'origin/master'
# Conflicts: # ansible/bird.conf.j2
2ba5b5a7 · 神楽坂玲奈 · 6d6295ae · fcc33712 · 2ba5b5a7 · 2ba5b5a7
Commit 2ba5b5a7 authored Feb 12, 2020 by 神楽坂玲奈
8 changed files
--- a/ansible/bird.conf.j2
+++ b/ansible/bird.conf.j2
@@ -51,7 +51,7 @@ protocol ospf v2 {
 {% if connection.outbound %}
 			cost {{connection.metric}};
 {% else %}
-			cost 65535;
+			cost 50000;
 {% endif %}
 			hello 5;
 		};

--- a/ansible/install.yaml
+++ b/ansible/install.yaml
@@ -18,6 +18,9 @@
      vars:
        conn: '{{item}}'
      with_items: '{{ connections }}'
+    - name: 'frps'
+      include_tasks: 'protocols/wgfrp/frps.yaml'
+      when: 'frps_needed is defined'
 #    - name: 安装软件包 (apt)
 #      apt:

--- a/ansible/protocols/wg/wg.conf.j2
+++ b/ansible/protocols/wg/wg.conf.j2
@@ -13,5 +13,5 @@ PublicKey = {{conn.wgPublicKey}}
 AllowedIPs = 0.0.0.0/0, ::/0
 {% if conn.remoteAddress is defined %}
 Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
+PersistentKeepalive = 1
 {% endif %}
--- a/ansible/protocols/wgfrp/frpc.ini.j2
+++ b/ansible/protocols/wgfrp/frpc.ini.j2
+[common]
+server_addr = {{conn.remoteAddress}}
+server_port = {{conn.remoteFrpsPort}}
+tcp_mux = true
+protocol = tcp
+token = {{frpToken}}
+[{{ansible_hostname_short}}_{{conn.name}}]
+privilege_mode = true
+type = udp
+local_ip = 127.0.0.1
+local_port = {{conn.localPort}}
+remote_port = {{conn.localPort}}
+use_encryption = true
+use_compression = true
--- a/ansible/protocols/wgfrp/frps.ini.j2
+++ b/ansible/protocols/wgfrp/frps.ini.j2
+[common]
+bind_port = {{frps_port}}
+token = {{frpToken}}
+tcp_mux = true
--- a/ansible/protocols/wgfrp/frps.yaml
+++ b/ansible/protocols/wgfrp/frps.yaml
+- name: frps template
+  become: true
+  template:
+    src: 'frps.ini.j2'
+    dest: '/etc/frp/frps.ini'
+- name: start frps
+  become: true
+  systemd:
+    name: 'frps'
+    state: restarted
+    enabled: true
--- a/ansible/protocols/wgfrp/wgfrp.conf.j2
+++ b/ansible/protocols/wgfrp/wgfrp.conf.j2
+[Interface]
+Address = {{address}}
+PrivateKey = {{key}}
+{% if conn.frpType == "frpc" %}
+ListenPort = {{conn.localPort}}
+{% endif %}
+{% if gwmark is defined %}
+FwMark = {{conn.localGatewayMark}}
+{% endif %}
+Table = off
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/predown.sh
+[Peer]
+PublicKey = {{conn.wgPublicKey}}
+AllowedIPs = 0.0.0.0/0, ::/0
+{% if conn.frpType == "frps" %}
+Endpoint = 127.0.0.1:{{conn.remotePort}}
+PersistentKeepalive = 1
+{% endif %}
--- a/ansible/protocols/wgfrp/wgfrp.yaml
+++ b/ansible/protocols/wgfrp/wgfrp.yaml
- name: placeholder foo
+- name: stop，测试用。
-  debug:
+  systemd:
-    msg: 'wgfrp'
+    name: 'wg-quick@{{conn.name}}'
+    state: stopped
+- name: conf
+  template:
+    src: wgfrp.conf.j2
+    dest: '/etc/wireguard/{{conn.name}}.conf'
+- name: enable
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: started
+    enabled: yes
+- name: frp directory
+  file:
+    path: /tmp/frp
+    state: directory
+- name: get frp
+  unarchive:
+    src: https://github.com/fatedier/frp/releases/download/v0.31.2/frp_0.31.2_linux_amd64.tar.gz
+    remote_src: true
+    creates:
+      - /tmp/frp/frpc
+      - /tmp/frp/frps
+    dest: /tmp/frp/
+  when: 'ansible_architecture == "x86_64"'
+- name: get frp for arm
+  unarchive:
+    src: https://github.com/fatedier/frp/releases/download/v0.31.2/frp_0.31.2_linux_arm64.tar.gz
+    remote_src: true
+    creates:
+      - /tmp/frp/frpc
+      - /tmp/frp/frps
+    dest: /tmp/frp/
+    extra_opts:
+      - --strip-components=1
+  when: 'ansible_architecture == "aarch64"'
+- name: install frp
+  become: true
+  shell: 'cp -rf /tmp/frp/frpc /usr/bin/ && cp -rf /tmp/frp/frps /usr/bin/ && cp -rf /tmp/frp/systemd/* /usr/lib/systemd/systemd/'
+  name: frp config directory
+  file:
+    path: /tmp/frp
+    state: directory
+- name: frpc template
+  become: true
+  template:
+    src: 'frpc.ini.j2'
+    dest: '/etc/frp/{{conn.name}}.ini'
+  when: 'conn.frpType == "frpc"'
+- name: start frpc
+  become: true
+  systemd:
+    name: 'frpc@{{conn.name}}'
+    state: restarted
+    enabled: true
+  when: 'conn.frpType == "frpc"'
+- name: register frps
+  set_fact:
+    frps_needed: 1
+  when: 'conn.frpType == "frps"'