---
# All rights reserved (c) 2021, Vladimir Botka <vbotka@gmail.com>
# Simplified BSD License, https://opensource.org/licenses/BSD-2-Clause

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Ansible playbook: pb-wpacli-cl.yml
#
# Description:
#
#   Configures wireless network and wpa_cli in the mounted system image.
#
# Requirements:
#
#   * role: vbotka.config_light
#
# Example:
#
#   * Fit the variables to your needs
#   * Mount the system image to *bsd_cimage_mount_path*
#     shell> ansible-playbook pb-default.yml -t bsd_cimage_mount
#   * Configures wireless network and wpa_cli in the system image
#     shell> ansible-playbook pb-wpacli-cl.yml
#
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# https://raw.githubusercontent.com/vbotka/ansible-freebsd-custom-image/master/contrib/playbook/pb-wpacli-cl.yml

- name: Configure wireless network and wpa_cli in the mounted system image
  hosts: images.example.com

  connection: ssh
  remote_user: admin
  become: true
  become_user: root
  become_method: ansible.builtin.sudo

  vars:

    # config_light - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    cl_dird: "{{ playbook_dir }}/conf-light"
    cl_assemble_validate: ansible-lint -x 205 %s
    cl_loaderconf_modules: "{{ bsd_cimage_loaderconf_modules }}"
    cl_loaderconf_data: "{{ bsd_cimage_loaderconf_data }}"
    cl_loaderconf_sysctl: "{{ bsd_cimage_loaderconf_sysctl }}"
    cl_wpasupconf_global: "{{ bsd_cimage_wpasupconf_global }}"
    cl_wpasupconf_wlan0: "{{ bsd_cimage_wpasupconf_data|selectattr('dev', 'eq', 'wlan0')|first }}"

    # freebsd_custom_image - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    bsd_cimage_sanity: false
    bsd_cimage_install: false
    bsd_cimage_debug: true
    bsd_cimage_debug_classified: true

    bsd_cimage_mount_path: /mnt3

    bsd_cimage_loaderconf_modules: [wlan, wlan_wep, wlan_ccmp, wlan_tkip, wlan_amrr, rtwn, if_rtwn_usb]
    bsd_cimage_loaderconf_data:
      - hw.usb.template=3
      - umodem_load="YES"
      - boot_multicons="YES"
      - boot_serial="YES"
      - beastie_disable="YES"
      - loader_color="NO"
      - legal.realtek.license_ack=1
    bsd_cimage_loaderconf_sysctl: []
    bsd_cimage_rcconf_data: "{{ wpacli_rcconf }}"
    #  - {key: wlans_rtwn0, value: '"wlan0"'}
    #  - {key: ifconfig_wlan0, value: '"WPA SYNCDHCP"'}

    bsd_cimage_wpasupconf_global:
      - { key: ctrl_interface, value: /var/run/wpa_supplicant }
      - { key: ctrl_interface_group, value: wheel }
      - { key: fast_reauth, value: "1" }
    bsd_cimage_wpasupconf_data:
      - dev: wlan0
        network:
          - conf:
              - { key: ssid, value: '"my_access_point"' }
              - { key: psk, value: '"my_password"' }
              - { key: disabled, value: "0" }
    bsd_cimage_wpasupconf_link: true
    bsd_cimage_wpasupconf_link_dev: wlan0

    # freebsd_wpa_cli - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    wpacli_enable: "YES"
    wpacli_program: /usr/sbin/wpa_cli
    wpacli_action_script_dir: /root/bin
    wpacli_action_script_file: wpa_action.sh
    wpacli_action_script_log_to_file: true
    wpacli_action_script_logfile: /tmp/wpa_action.$ifname
    wpacli_action_script_ntp_set: true
    wpacli_action_script_ntp_server: "0.pool.ntp.org"
    wpacli_action_script_ntpdate_flags: -b
    wpacli_rcconf:
      - { key: wlans_rtwn0, value: '"wlan0"' }
      - { key: ifconfig_wlan0, value: '"WPA"' }
      - { key: defaultrouter, value: '"10.1.0.10"' }
      - { key: wpa_cli_enable, value: '"{{ wpacli_enable }}"' }
      - { key: wpa_cli_program, value: '"{{ wpacli_program }}"' }
      - { key: wpa_cli_ctrl_interface, value: '"/var/run/wpa_supplicant"' }
      - { key: wpa_cli_action_file, value: '"{{ wpacli_action_script_dir }}/{{ wpacli_action_script_file }}"' }
      - { key: ntpd_enable, value: '"YES"' }
      - { key: ntpd_sync_on_start, value: '"NO"' }
      - { key: ntpdate_enable, value: '"NO"' }
      - { key: ntpdate_flags, value: '"-b"' }

    # freebsd_postinstall - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    fp_ntp_config_options:
      - tos minclock 3 maxclock 6
    fp_ntp_config_pool:
      - "0.pool.ntp.org iburst"
      - 1.pool.ntp.org iburst
      - 2.pool.ntp.org iburst
      - 3.pool.ntp.org iburst
    fp_ntp_config_restrict:
      - default limited kod nomodify notrap nopeer noquery
      - -6 default limited kod nomodify notrap nopeer noquery
      - 127.0.0.1
      - -6 ::1
      - 127.127.1.0
    fp_ntp_config_leapfile: /var/db/ntpd.leap-seconds.list

  roles:
    - vbotka.config_light

# EOF