-first crack at wireless ap

roles/wifi/files/dnsmasq.conf

@@ -0,0 +1,7 @@
+interface=wlan0
+dhcp-range=10.250.250.2,10.250.250.6,255.255.255.248,24h
+listen-address=10.250.250.1
+bind-interfaces
+server=8.8.8.8
+bogus-priv
+domain=demo.dsfinancial.com

roles/wifi/tasks/main.yaml

@@ -5,15 +5,92 @@
     name: ['wpasupplicant']
     state: absent
     purge: true
-  tags: remove_wpasupplicant
-# configure wlan0
-# install hostapd
-# configure hostapd
-# /etc/default/hostapd
-# enable hostapd
-# install dnsmasq
-# configure dnsmasq
-# enable dnsmasq
-# enable ipv4.forwarding
-# copy fw config
-# iptables-restore to rc.local
+  tags: wireless_ap
+- name: configure wlan0
+  blockinfile:
+  path: /etc/dhcpcd.conf
+  block: |
+    interface wlan0
+    static ip_address=10.250.250.1/29
+    nohook wpa_supplicant
+  tags: wireless_ap
+- name: install hostapd
+  become: true
+  apt:
+    name: ['hostapd']
+    state: present
+  tags: wireless_ap
+- name: configure hostapd
+  become: true
+  template:
+    src: "{{ role_path }}/templates/hostapd.conf.j2"
+    dest: "/etc/hostapd/hostapd.conf
+    owner: root
+    group: root
+    backup: yes
+  tags: wireless_ap
+- name: enable hostapd
+  become: true
+  systemd:
+          name: hostapd
+          enabled: yes
+          masked: no
+          state: restarted
+  tags: wireless_ap
+- name: install dnsmasq
+  become: true
+  apt:
+    name: ['dnsmasq']
+    state: present
+  tags: wireless_ap
+- name: configure dnsmasq
+  become: true
+  copy:
+    src: "{{ role_path }}/files/dnsmasq.conf"
+    dest: "/etc/dnsmasq.conf"
+    backup: yes
+    owner: root
+    group: root
+  tags: wireless_ap
+- name: enable dnsmasq
+  become: true
+  systemd:
+    name: dnsmasq
+    enabled: yes
+    masked: no
+    state: restarted
+  tags: wireless_ap
+- name: enable ipv4.forwarding
+  lineinfile:
+        path: "/etc/sysctl.conf"
+        state: present
+        regexp: '^#net\.ipv4\.ip_forward=1'
+        line: 'net.ipv4.ip_forward=1'
+        validate: 'sysctl -p'
+  become: true
+  tags: wireless_ap
+- name: copy fw config
+  become: true
+  copy:
+    src: "{{ role_path }}/files/iptables.ipv4.nat"
+    dest: "/etc/iptables.ipv4.nat"
+    backup: yes
+    owner: root
+    group: root
+  tags: wireless_ap
+- name: iptables-restore to rc.local
+  lineinfile:
+    path: "/etc/rc.local"
+    state: present
+    insertbefore: "exit 0"
+    line: "iptables-restore < /etc/iptables.ipv4.nat"
+  become: true
+  tags: wireless_ap
+- name: restart dhcpcd
+  become: true
+  systemd:
+    name: dhcpcd
+    enabled: yes
+    masked: no
+    state: restarted
+  tags: wireless_ap

roles/wifi/templates/hostapd.conf.j2

@@ -0,0 +1,15 @@
+interface=wlan0
+driver=nl80211
+hw_mode=g
+channel=6
+ieee80211n=1
+wmm_enabled=1
+ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
+macaddr_acl=0
+ignore_broadcast_ssid=0
+wpa=2
+auth_algs=1
+wpa_key_mgmt=WPA-PSK
+rsn_pairwise=CCMP
+ssid={{ site_clli }}
+wpa_passphrase=dsfinisdemo