use respondd from yanic

.gitmodules

@@ -1,3 +1,6 @@
 [submodule "site"]
 	path = site
 	url = https://github.com/FreifunkBremen/gluon-site-ffhb.git
+[submodule "roles/respondd"]
+	path = roles/respondd
+	url = https://github.com/freifunk-ansible/ansible-role-yanic.git

README.md

@@ -91,17 +91,27 @@ A babel gateway is a maschine which allow to exit ipv6 default route and recieve
 Such a gateway need some special configuration.
 - (A bigget nat64 whould be nice)
 - ip routes for exit
+	- `post-up  ip -r r add default via 2a06:8782:ff00::1 dev $IFACE proto 159 table default-freifunk`
 	- firewall rules /etc/firewall.d/20-exit 
 		```
 		ipt6 -A FORWARD -o ens3 -i babel-+ -j ACCEPT
 		ipt6 -A FORWARD -i ens3 -o babel-+ -j ACCEPT
 		```
 
 - maybe run yanic to collect and forward stats data
+	- firewall for respondd
+	- firewall for yanic
 - tunnel to babel vpn
 	- add to /etc/babeld.conf
 	- to /etc/systemd/system/mmfd.service
 
 ### Babel VPN
 A babel vpn is a maschine which recieve VPN connection and "forward" them to a gateway.
 It could run nat64 at his own and exit ipv4.
+
+TODO: respondd firewall:
+```
+# babel
+ipt6 -A INPUT -i babel-+ -p udp --dport 1001 -j ACCEPT
+ipt6 -A INPUT -i mmfd0 -p udp --dport 1001 -j ACCEPT
+```

group_vars/all/vars.yml

@@ -4,5 +4,6 @@ site_git_root:        'https://github.com/FreifunkBremen'
 site_city:            'bremen'
 site_domain:          'bremen.freifunk.net'
 site_vpn_prefix:      'vpn'
+freifunk_site_code:   'ffhb'
 icvpn_as:             65196
 fastd_peers_limit:    200

playbooks/babelserver.yml

@@ -1,5 +1,11 @@
 ---
 - hosts: babelservers
+  vars:
+    yanic_respondd: true
+    yanic_version: respondd
+    yanic_respondd_batman: []
+    yanic_respondd_listen_clientdev:
+      - babel-ffhb
   roles:
   - { role: etckeeper-pre, tags: [etckeeper-pre] }
   - { role: apt, tags: [apt] }

roles/golang

@@ -0,0 +1 @@
+go