update

.gitignore

@@ -110,3 +110,5 @@ dist
 
 *.retry
 *-setconf.conf.j2
+
+__pycache__

ansible/bird.conf.j2

@@ -27,18 +27,18 @@ protocol kernel {
 }
 
 {% for connection in connections %}
-{% if connection.type != "null" and connection.remoteLocalAddress != address %}
-ipv4 table {{connection.name}};
+{% if connection.protocol != "null" and connection.remoteLocalAddress != address %}
+ipv4 table {{connection.name.replace("-", "_")}};
 protocol static {
         ipv4 {
-            table {{connection.name}};
+            table {{connection.name.replace("-", "_")}};
         };
         igp table master4;
         route 0.0.0.0/0 recursive {{connection.remoteLocalAddress}};
 }
 protocol kernel {
     ipv4 {
-          table {{connection.name}};
+          table {{connection.name.replace("-", "_")}};
           export all;
     };
     kernel table {{connection.remoteGatewayMark}};
@@ -61,7 +61,7 @@ protocol ospf v2 {
 #			hello 5;		# Default hello perid 10 is too long
 #		};
 {% for connection in connections %}
-{% if connection.type != "null" and connection.remoteLocalAddress != address %}
+{% if connection.protocol != "null" and connection.remoteLocalAddress != address %}
 		interface "{{connection.name}}" {
 			type ptp;
 {% if connection.outbound %}
@@ -73,6 +73,15 @@ protocol ospf v2 {
 		};
 {% endif %}
 {% endfor %}
+
+{% for interface in lan_interfaces %}
+		interface "{{interface}}" {
+			type broadcast;
+			cost 1;
+			hello 5;
+		};
+{% endfor %}
+
 		interface "dummy0" {
 			stub;			# Stub interface, just propagate it
 		};

ansible/configure.yaml

@@ -38,7 +38,7 @@
       template:
         src: bird.conf.j2
         dest: '/usr/local/etc/bird.conf'
-      when: ansible_distribution == "Debian"
+      when: ansible_distribution == "Ubuntu"
       notify: restart_bird
     - name: 鸟配置 (RHEL)
       template:

ansible/protocols/wg/configure.yaml

@@ -14,6 +14,7 @@
   template:
     src: wg.conf.j2
     dest: '/etc/wireguard/{{conn.name}}.conf'
+  register: wg_conf_result
 - name: '{{conn.name}}: enable wg'
   systemd:
     name: 'wg-quick@{{conn.name}}'
@@ -21,12 +22,17 @@
     enabled: yes
   #ignore_errors: true
   register: 'wg_enable_result'
+- name: '{{conn.name}}: restart wg'
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: restarted
+  when: 'not wg_enable_result.changed and wg_conf_result.changed'
 - name: '{{conn.name}}: config for setconf'
   template:
     src: wg-setconf.conf.j2
     dest: '/tmp/{{conn.name}}-setconf.conf'
   register: 'wg_setconf_result'
-  when: 'not wg_enable_result.changed'
+  when: 'not wg_enable_result.changed and not wg_conf_result.changed'
 - name: '{{conn.name}}: wg setconf'
   shell: 'wg setconf {{conn.name}} /tmp/{{conn.name}}-setconf.conf'
-  when: 'not wg_enable_result.changed and wg_setconf_result.changed'
+  when: 'not wg_enable_result.changed and not wg_conf_result.changed and wg_setconf_result.changed'

ansible/protocols/wg/wg.conf.j2

@@ -5,13 +5,11 @@ ListenPort = {{conn.localPort}}
 {% if gwmark is defined %}
 FwMark = {{conn.localGatewayMark}}
 {% endif %}
-{% if conn.mtu is defined %}
-MTU = {{conn.mtu}}
-{% endif %}
+MTU = {{conn.mtu|int - 80}}
 Table = off
-PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/postup.sh
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} /etc/wireguard/postup.sh
 
-PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/predown.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} /etc/wireguard/predown.sh
 
 [Peer]
 PublicKey = {{conn.wgPublicKey}}
@@ -20,3 +18,5 @@ AllowedIPs = 0.0.0.0/0, ::/0
 Endpoint = {{conn.remoteAddress}}:{{conn.remotePort}}
 PersistentKeepalive = 1
 {% endif %}
+
+# forced change

ansible/protocols/wgfrp/configure.yaml

@@ -29,6 +29,7 @@
   template:
     src: wgfrp.conf.j2
     dest: '/etc/wireguard/{{conn.name}}.conf'
+  register: wg_conf_result
 - name: '{{conn.name}}: start wg'
   systemd:
     name: 'wg-quick@{{conn.name}}'
@@ -36,12 +37,17 @@
     enabled: yes
   #ignore_errors: true
   register: wg_enable_result
+- name: '{{conn.name}}: restart wg'
+  systemd:
+    name: 'wg-quick@{{conn.name}}'
+    state: restarted
+  when: 'not wg_enable_result.changed and wg_conf_result.changed'
 - name: '{{conn.name}}: config for setconf'
   template:
     src: wgfrp-setconf.conf.j2
     dest: '/tmp/{{conn.name}}-setconf.conf'
   register: 'wg_setconf_result'
-  when: 'not wg_enable_result.changed'
+  when: 'not wg_enable_result.changed and not wg_conf_result.changed'
 - name: '{{conn.name}}: wg setconf'
   shell: 'wg setconf {{conn.name}} /tmp/{{conn.name}}-setconf.conf'
-  when: 'not wg_enable_result.changed and wg_setconf_result.changed'
+  when: 'not wg_enable_result.changed and not wg_conf_result.changed and wg_setconf_result.changed'

ansible/protocols/wgfrp/frpc.ini.j2

@@ -9,7 +9,7 @@ token = {{frpToken}}
 privilege_mode = true
 type = udp
 local_ip = 127.0.0.1
-local_port = {{conn.remotePort}}
-remote_port = {{conn.remotePort|int - 1000}}
+local_port = {{conn.localPort}}
+remote_port = {{conn.remotePort|int - 10000}}
 use_encryption = true
 use_compression = true

ansible/protocols/wgfrp/wgfrp.conf.j2

@@ -2,21 +2,21 @@
 Address = {{address}}
 PrivateKey = {{key}}
 {% if conn.frpType == "frpc" %}
-ListenPort = {{conn.remotePort}}
+ListenPort = {{conn.localPort}}
 {% endif %}
 {% if gwmark is defined %}
 FwMark = {{conn.localGatewayMark}}
 {% endif %}
-{% if conn.mtu is defined %}
-MTU = {{conn.mtu}}
-{% endif %}
+MTU = {{conn.mtu|int - 80}}
 Table = off
-PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/postup.sh
-PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} {% if conn.mtu is defined %}mtu={{conn.mtu}}{% endif %} /etc/wireguard/predown.sh
+PostUp = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} /etc/wireguard/postup.sh
+PreDown = dev=%i localPeerAddress={{conn.localPeerAddress}} remotePeerAddress={{conn.remotePeerAddress}} remoteMark={{conn.remoteMark}} inbound={{conn.inbound}} outbound={{conn.outbound}} mtu={{conn.mtu|int - 80}} /etc/wireguard/predown.sh
 [Peer]
 PublicKey = {{conn.wgPublicKey}}
 AllowedIPs = 0.0.0.0/0, ::/0
 {% if conn.frpType == "frps" %}
-Endpoint = 127.0.0.1:{{conn.localPort|int - 1000}}
+Endpoint = 127.0.0.1:{{conn.localPort|int - 10000}}
 PersistentKeepalive = 1
 {% endif %}
+
+# forced change

ansible/roles/bird/files/bird.service

@@ -10,4 +10,3 @@ Restart=on-abort
 
 [Install]
 WantedBy=multi-user.target
-path: /usr/lib/systemd/system/bird.service

ansible/roles/bird/tasks/main.yml

@@ -29,4 +29,4 @@
   register: bird_detection
 - name: bird for Ubuntu 
   include_tasks: ubuntu.yaml
-  when: 'ansible_distribution == "Ubuntu" and bird_detection.stdout.length == 0'
+  when: 'ansible_distribution == "Ubuntu" and not bird_detection.stdout'

ansible/scripts/postup.sh

@@ -8,9 +8,9 @@ if [ "$outbound" == True ] ; then
   ip rule add fwmark "$remoteMark" table "$remoteMark" pref 300
 fi
 
-if [ -z "${mtu}" ]; then
-    mtu=$(cat /sys/class/net/"$dev"/mtu)
-fi
+#if [ -z "${mtu}" ]; then
+#    mtu=$(cat /sys/class/net/"$dev"/mtu)
+#fi
 
 mss=$((mtu - 40))
 

ansible/scripts/predown.sh

@@ -4,9 +4,9 @@ if [ "$outbound" == True ] ; then
   ip rule del fwmark "$remoteMark" table "$remoteMark" pref 300
 fi
 
-if [ -z "${mtu}" ]; then
-    mtu=$(cat /sys/class/net/"$dev"/mtu)
-fi
+#if [ -z "${mtu}" ]; then
+#    mtu=$(cat /sys/class/net/"$dev"/mtu)
+#fi
 
 mss=$((mtu - 40))
 

src/inventory.ts

@@ -35,6 +35,7 @@ class InventoryBuilder {
   host_vars(host) {
     const connections = [];
     const null_connection = "10000,null";
+    const lan_interfaces = host.lan_interfaces.split(",");
     for (const h of this.connections) {
       if (h != host.name) {
         const to = host[h];
@@ -62,7 +63,8 @@ class InventoryBuilder {
       frpsPort: host.frpsPort,
       frpToken: host.frpToken,
       gateways: _.mapValues(this.gateways[host.name], gw => _.pick(gw, ['mark_gateway'])),
-      connections
+      connections,
+      lan_interfaces
     };
   }
 
@@ -77,10 +79,10 @@ class InventoryBuilder {
     const name = `mc${!outbound ? 'i' : '-'}${remote.name}`;
     const localGatewayName = (cis ? params.lif : params.rif) || params.if;
     const localGateway = localGatewayName ? this.gateways[local.name][localGatewayName] : _.find(this.gateways[local.name]);
-    const localGatewayMark = localGatewayName ? localGateway.mark : undefined;
+    const localGatewayMark = localGateway ? localGateway.mark : undefined;
     const remoteGatewayName = (cis ? params.rif : params.lif) || params.if;
     const remoteGateway = remoteGatewayName ? this.gateways[remote.name][remoteGatewayName] : _.find(this.gateways[remote.name]);
-    const remoteGatewayMark = remoteGatewayMark ? remoteGateway.mark : undefined;
+    const remoteGatewayMark = remoteGateway ? remoteGateway.mark : undefined;
     //console.log(remoteGateway.name);
     const remoteAddress = remoteGateway.address;
     const remoteLocalAddress = remote.address;
@@ -94,6 +96,9 @@ class InventoryBuilder {
 
     const frpType = protocol === 'wgfrp' ? (this.gatewayCompare(localGateway, remoteGateway) ? 'frps' : 'frpc') : undefined;
 
+    const mtu = Math.min(localGateway ? localGateway.mtu : 1500, remoteGateway ? remoteGateway.mtu : 1500);
+    //console.log(local.name, name, mtu);
+
     return {
       name,
       metric,
@@ -112,7 +117,8 @@ class InventoryBuilder {
       remoteFrpsPort,
       frpType,
       inbound,
-      outbound
+      outbound,
+      mtu
     };
   }
 

update.sh

@@ -2,7 +2,7 @@
 set -e
 
 echo "现在会真正去部署了，请务必带 --limit 运行。"
-echo "现在开放测试的节点：south.mycard.moe,yuzurisa.mycard.moe,hk-hkg-alql2.mycard.moe,ayane.mycard.moe,hk-hkg-alql3.mycard.moe,wg-router.mycard.moe"
+echo "现在开放测试的节点：south.mycard.moe,yuzurisa.mycard.moe,hk-hkg-alql2.mycard.moe,ayane.mycard.moe,hk-hkg-alql3.mycard.moe,wg-router.mycard.moe,kuroko.mycard.moe"
 
 read -p '确认无误后按回车继续'