Commit 7ec7dee4 authored by 神楽坂玲奈's avatar 神楽坂玲奈

ocserv babeld

parent bce955f1
......@@ -8,6 +8,7 @@ redistribute if {{interface}}
{% endfor %}
redistribute local deny
reflect-kernel-metric true
local-path-readwrite /var/run/babeld/babeld.sock
{% for connection in connections %}
{% if connection.protocol != "null" and not (connection.protocol == "oc" and connection.ocType == "server") and connection.remoteLocalAddress != address %}
......
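Review bot: `local-path-readwrite /var/run/babeld/babeld.sock` (which looks like the line added in this hunk) opens babeld's read-write control interface, and that interface has no authentication of its own. Anything that can open the socket can therefore change interface and filter configuration at runtime. The same commit bind-mounts `/var/run/babeld` into the ocserv service without `:ro`, so access control comes down to the ownership and mode of that directory and socket, which none of the visible lines set. I would add a comment above the directive, `# read-write control socket: keep /var/run/babeld root-owned and not world-accessible`, and pin the directory mode wherever it is created on the host.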
#!/bin/bash
export dev="$USERNAME"
export dev="$DEVICE"
source /etc/ocserv/env-per-user/$USERNAME
NEW_DEVICE="$USERNAME"
ip link set $DEVICE down
ip link set $DEVICE name $NEW_DEVICE
ip link set $NEW_DEVICE up
ip link property add altname $DEVICE dev $NEW_DEVICE
#ip link set $DEVICE down
#ip link set $DEVICE name $NEW_DEVICE
#ip link set $NEW_DEVICE up
#ip link property add altname $DEVICE dev $NEW_DEVICE
#ip link set $NEW_DEVICE alias $DEVICE
ip link property add altname $NEW_DEVICE dev $DEVICE
ip link set $DEVICE alias $NEW_DEVICE
ip addr add "$localAddress/32" dev "$dev"
ip route del "$remoteLocalAddress" dev "$dev" proto kernel scope link src "$localRubbishAddress"
......@@ -16,4 +19,6 @@ ip addr del "$localRubbishAddress" dev "$dev"
{{ansible_user_dir}}/nextgen-network/scripts/predown.sh
{{ansible_user_dir}}/nextgen-network/scripts/postup.sh
echo -e "interface $dev type tunnel rxcost 300 faraway true rtt-max 500 \nquit" | nc -U /var/run/babeld/babeld.sock
true
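Review bot: `$USERNAME` is expanded unquoted in `source /etc/ocserv/env-per-user/$USERNAME` and, through `NEW_DEVICE`, in the new `ip link property add altname` and `ip link set ... alias` lines, so a name containing whitespace, a glob character or `/` is word-split into extra `ip` arguments or selects a different file to source. Account names appear to come from the generated ocpasswd file, so this is hardening rather than a known-reachable bug, but the script should not depend on that. Validate once near the top with `[[ "$USERNAME" =~ ^[A-Za-z0-9_-]+$ ]] || exit 1` and quote the expansions, e.g. `ip link property add altname "$NEW_DEVICE" dev "$DEVICE"`. The disconnect script that follows has the same unquoted `source` line. The added `echo -e ... | nc -U` line also lets `echo -e` interpret backslashes in `$dev`; `printf 'interface %s type tunnel rxcost 300 faraway true rtt-max 500\nquit\n' "$dev"` avoids that.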
#!/bin/bash
export dev="$USERNAME"
export dev="$DEVICE"
source /etc/ocserv/env-per-user/$USERNAME
{{ansible_user_dir}}/nextgen-network/scripts/predown.sh
......
......@@ -6,15 +6,13 @@ import YAML from 'yaml';
import _ from 'lodash';
import child_process from 'child_process';
import assert from 'assert';
import ip from 'ip';
import { promises as dns } from 'dns';
import { off } from 'process';
import os from "os";
import os from 'os';
async function generateOcpasswdLine(username: string, password: string) {
const tmpName = os.tmpdir() + "/" + Math.floor(Math.random() * 10000000);
const tmpName = os.tmpdir() + '/' + Math.floor(Math.random() * 10000000);
await util.promisify(child_process.exec)(`echo "${password}\\n${password}" | ocpasswd -c ${tmpName} ${username}`);
const res = (await fs.promises.readFile(tmpName, "utf-8")).trim();
const res = (await fs.promises.readFile(tmpName, 'utf-8')).trim();
await fs.promises.unlink(tmpName);
return res;
}
......@@ -28,6 +26,12 @@ class InventoryBuilder {
resolver: dns.Resolver;
vars: any;
constructor() {
this.resolveCache = new Map();
this.resolver = new dns.Resolver();
this.resolver.setServers(process.env.DNS ? [process.env.DNS] : ['114.114.114.114', '223.5.5.5']);
}
async resolveDomain(domain: string, ipv6: boolean) {
if (!domain || domain.match(/(\d{1,3}\.){3}\d{1,3}/)) {
return domain;
......@@ -53,12 +57,6 @@ class InventoryBuilder {
return resolvedIP;
}
constructor() {
this.resolveCache = new Map();
this.resolver = new dns.Resolver();
this.resolver.setServers(process.env.DNS ? [process.env.DNS] : ['114.114.114.114', '223.5.5.5']);
}
async load(sheetName: string) {
const data = await fs.promises.readFile(path.join('data', `内网互联计划 - ${sheetName}.csv`));
// @ts-ignore
......@@ -161,7 +159,7 @@ class InventoryBuilder {
image: 'git-registry.mycard.moe/railgun/babeld',
network_mode: 'host',
cap_add: ['NET_ADMIN', 'NET_BROADCAST', 'NET_RAW'],
volumes: ['./babeld.conf:/etc/babeld.conf:ro']
volumes: ['./babeld.conf:/etc/babeld.conf:ro', '/var/run/babeld:/var/run/babeld']
}
}
};
......@@ -220,7 +218,7 @@ class InventoryBuilder {
dockerServices: host.dockerServices,
routePlans,
noBird: !!(host.noBird || host.sysBird),
systemBird: !!host.sysBird,
systemBird: !!host.sysBird
};
}
......@@ -304,8 +302,10 @@ class InventoryBuilder {
'./ocserv/env-per-user:/etc/ocserv/env-per-user:ro',
'./ocserv/ocpasswd:/etc/ocserv/ocpasswd:ro',
`./ocserv/certs/${local.ocservCert}:/etc/ssl/certs/${local.ocservCert}:ro`,
'$HOME/nextgen-network/scripts:$HOME/nextgen-network/scripts:ro'
]
'$HOME/nextgen-network/scripts:$HOME/nextgen-network/scripts:ro',
'/var/run/babeld:/var/run/babeld'
],
depends_on: ['babeld']
};
}
local.ocpasswdLines.push(await generateOcpasswdLine(name, this.vars.ocservPassword));
......@@ -364,7 +364,7 @@ class InventoryBuilder {
// frps还是frpc的积分,NAT越有利分越高
gatewayCompareScore(gateway: any): number {
let offset = 0;
let score = 0
let score = 0;
score |= (0xff - gateway.id) << offset; // 8 bits
offset += 8;
const isCNScore = gateway.isCN ? 0 : 1; // 1 bit
......
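Review bot: `generateOcpasswdLine` builds a shell command from `username` and `password` with `child_process.exec`, so a `"`, `$` or backtick in either value is interpreted by the shell; this commit only restyles the quotes on the neighbouring lines and leaves that call as it was. The output path is also a guessable `Math.random()` name directly under `os.tmpdir()`, which another local user could pre-create or read while the hash is there. I would pass the arguments as an argv array via `execFile`, feed the password over stdin, and write into a `mkdtemp` directory that is removed in a `finally`. The sketch below uses only modules the file already references in the visible lines (`util`, `fs`, `path`, `os`, `child_process`).

```typescript
async function generateOcpasswdLine(username: string, password: string) {
  // mkdtemp creates a fresh private directory, so the output path is not guessable by other local users.
  const tmpDir = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'ocpasswd-'));
  const tmpName = path.join(tmpDir, 'ocpasswd');
  try {
    // execFile runs no shell: the username stays one argv entry and the password only travels over stdin.
    const run = util.promisify(child_process.execFile)('ocpasswd', ['-c', tmpName, username]);
    run.child.stdin?.end(`${password}\n${password}\n`);
    await run;
    return (await fs.promises.readFile(tmpName, 'utf-8')).trim();
  } finally {
    // Remove the hash file and its directory even when ocpasswd fails.
    await fs.promises.rm(tmpDir, { recursive: true, force: true });
  }
}
```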