完善文档和配置流程

2026-02-26 15:40:34 +08:00
parent b93cf2492f
commit 944215f387
4 changed files with 77 additions and 27 deletions


@@ -1,8 +1,29 @@
ros 批量配置脚本
## 项目说明
这是一个半自动的批量配置脚本,用于按需批量配置 ros 服务,目前适用于极狐与极光的配置
脚本通过 ssl 方式连接到 ros 服务,在使用前需要下载 ros 的证书到 certs 目录下
**项目结构**
```
ros
├── certs ros 服务的证书,在配置 csv 中 cert 列的根目录是这里
├── scripts ros 服务中的脚本,在配置脚本时会读取并写入 ros 配置
├── templates ros 服务的模板镜像
├── config.jh.bak.csv 极狐的配置参考表
├── config.jg.bak.csv 极光的配置参考表
├── config.csv 需要执行配置的表
├── steps.py 所有配置函数
└── main.py 主程序,执行 `steps.py` 中的配置函数
```
## 使用说明
一、上传 ros 镜像,位置在 `templates` 目录下
1. 上传 ros 镜像,位置在 `templates` 目录下
二、为 ros 配置公网 IP 与网关,并重置 mac 地址
2. 为 ros 配置公网 IP 与网关,并重置 mac 地址
```
/ip/address/set 0 address=公网地址/掩码
@@ -10,9 +31,13 @@
/interface/ethernet/reset-mac-address wan
```
三、将需要部署的 ros 配置条目从 `config.bak.csv` 中复制到 `config.csv`
3. 将需要部署的 ros 配置条目从 `config.jh.bak.csv``config.jg.bak.csv` 中复制到 `config.csv`(没有的话创建一个)
四、执行 `main.py`
> `config.jh.bak.csv` 与 `config.jg.bak.csv` 中是所有 ros 配置项的完整记录
4. 检查并按需调整 `main.py` 脚本开头定义的参数
5. 执行 `main.py`
## 部署流程


@@ -1,6 +1,6 @@
index,name,code,gateway,public,mask,private,domain,cert
0,混拨1,hh1,43.226.58.1,43.226.58.7,24,192.168.98.3,hh,jh/7.crt
0,混拨2,hh2,43.226.58.1,43.226.58.8,24,192.168.98.2,hh,server.crt
1,混拨2,hh2,43.226.58.1,43.226.58.8,24,192.168.98.2,hh,jh/8.crt
2,混拨3,hh3,43.226.58.1,43.226.58.7,24,192.168.98.3,hh,jh/7.crt
1,宣城,ahxc215,43.226.58.1,43.226.58.10,24,192.168.99.1,ahxc,jh/10.crt
2,宿州,ahsz216,43.226.58.1,43.226.58.11,24,192.168.99.2,ahsz,jh/11.crt
3,阜阳,ahfy225,43.226.58.1,43.226.58.12,24,192.168.99.3,ahfy,jh/12.crt
1 index name code gateway public mask private domain cert
2 0 1 混拨1 混拨2 hh1 hh2 43.226.58.1 43.226.58.7 43.226.58.8 24 192.168.98.3 192.168.98.2 hh jh/7.crt jh/8.crt
3 0 2 混拨2 混拨3 hh2 hh3 43.226.58.1 43.226.58.8 43.226.58.7 24 192.168.98.2 192.168.98.3 hh server.crt jh/7.crt
4 1 宣城 ahxc215 43.226.58.1 43.226.58.10 24 192.168.99.1 ahxc jh/10.crt
5 2 宿州 ahsz216 43.226.58.1 43.226.58.11 24 192.168.99.2 ahsz jh/11.crt
6 3 阜阳 ahfy225 43.226.58.1 43.226.58.12 24 192.168.99.3 ahfy jh/12.crt

18
main.py

@@ -21,24 +21,22 @@ pip install librouteros
- public: 公网 IP
- mask: 公网子网掩码
- private: 内网 IP
- domain: 节点域名
- cert: 证书文件路径
如果需要添加或修改配置项, config.*.bak.csv 文件复制配置项到 config.csv 文件中
如果需要添加或修改配置项,修改 config.*.bak.csv 文件,并复制配置项到 config.csv 文件中
如果需要修改配置内容,在下面 “配置执行步骤” 部分添加或修改函数调用
"""
threads = []
failed = []
# 配置执行步骤
steps = [
configNet,
configJgAuth,
configJgMixOuts,
configJgScripts,
configJgLogs,
configJgOuts,
]
threads = []
failed = []
def main():
# 加载配置文件
@@ -81,7 +79,7 @@ def start(config):
try:
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.load_verify_locations(f'certs/{config["cert"]}')
ctx.load_verify_locations(f"certs/{config['cert']}")
conn = connect(
username="admin",
password="wyongk9815",
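Review bot: The `connect(...)` call in `start` still passes the RouterOS admin username and password as string literals, so a credential that is presumably shared by every router listed in config.csv sits in the repository history; this commit reformats the line above it but leaves the literal in place. Read it at run time instead, e.g. `password=os.environ["ROS_ADMIN_PASSWORD"],` (the variable name is a placeholder) or `getpass.getpass()`, and rotate the committed value. The same applies to the literal PPP `"password"` values in the steps.py hunks of this commit. `ctx.check_hostname = False` is only defensible if each file under certs/ pins exactly one router's certificate, which deserves a comment such as `# hostname check off: trust is pinned to the per-router cert loaded below`. `start` continues past the end of this hunk, so how `ctx` reaches `connect` is not visible here.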


@@ -120,6 +120,7 @@ def configJhMixOuts(conn: Api, config):
except Exception as e:
raise RuntimeError("删除 PPP 失败: {}".format(e))
index = (int(config["index"]) - 1) * 10
for i in range(30):
for j in range(10):
n = j * 30 + i
@@ -127,9 +128,9 @@ def configJhMixOuts(conn: Api, config):
ppps.add(
**{
"name": f"l2tp-out{n+1}",
"name": f"l2tp-out{n + 1}",
"connect-to": f"192.168.25{k}.25{k}",
"user": f"jdzz{j+11}dt{i+221}",
"user": f"jdzz{j + 1 + index}dt{i + 221}",
"password": "123231",
"disabled": "no",
}
@@ -144,8 +145,8 @@ def configJhMixOuts(conn: Api, config):
raise RuntimeError("删除路由表失败: {}".format(e))
for i in range(300):
routeName = f"r{i+1}"
routeOut = f"l2tp-out{i+1}"
routeName = f"r{i + 1}"
routeOut = f"l2tp-out{i + 1}"
try:
routes.add(
**{
@@ -355,7 +356,7 @@ def configJhDrop(conn: Api, config):
layer7.add(
**{
"name": "illegal",
"regexp": f'({"|".join([re.escape(domain) for domain in domains])})[/:]?.*',
"regexp": f"({'|'.join([re.escape(domain) for domain in domains])})[/:]?.*",
}
)
@@ -425,7 +426,7 @@ def configJgAuth(conn: Api, config):
try:
l2tp = conn.path("interface", "l2tp-server", "server")
l2tp.update(**{"enabled": "yes", "use-ipsec": "yes", "ipsec-secret": "byjd231"})
l2tp.update(**{"enabled": "yes", "use-ipsec": "yes", "ipsec-secret": "1234"})
except Exception as e:
raise RuntimeError(f"配置 l2tp 服务器失败: {e}")
@@ -451,7 +452,8 @@ def configJgOuts(conn: Api, config):
"""
try:
count = 20
count = 10
window = 20
# 配置 ppp
try:
@@ -468,8 +470,8 @@ def configJgOuts(conn: Api, config):
ppps.add(
**{
"name": f"l2tp-out{i}",
"connect-to": f"192.168.0.{int(config['gate'])+1}",
"user": f"bydj{config['gate']}api{(int(config['index'])-1) * count + i}",
"connect-to": f"192.168.0.{int(config['gate']) + 1}",
"user": f"byjd{config['gate']}api{(int(config['index']) - 1) * window + i}",
"password": "byjd231",
"disabled": "no",
}
@@ -528,8 +530,8 @@ def configJgMixOuts(conn: Api, config):
ppps.add(
**{
"name": f"l2tp-out{i}",
"connect-to": f"192.168.0.{int(config['gate'])+1}",
"user": f"bydj{config['gate']}api{(int(config['index'])-1) * count + i}",
"connect-to": f"192.168.0.{int(config['gate']) + 1}",
"user": f"byjd{config['gate']}api{(int(config['index']) - 1) * count + i}",
"password": "byjd231",
"disabled": "no",
}
@@ -737,3 +739,28 @@ def configJgLogs(conn: Api, config):
# ====================
# 临时
# ====================
def temp(conn: Api, config):
ppps = conn.path("interface", "l2tp-client")
count = 0
for ppp in ppps:
count += 1
if ppp["name"].startswith("l2tp-out") and ppp["running"] != True:
break
if count < 20:
raise RuntimeError(f"有未运行的 PPPcount={count}")
# file = open(f"outs/{config['code']}.csv", "w", encoding="utf-8")
# file.write("ros,name,connect-to,user,running\n")
# for ppp in ppps:
# file.write("{},{},{},{},{}\n".format(
# config["name"],
# ppp["name"],
# ppp["connect-to"],
# ppp["user"],
# ppp["running"],
# ))
# file.close()
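Review bot: In `configJgAuth` the L2TP server's `ipsec-secret` is now the four-character literal `"1234"`, a pre-shared key short enough to be guessed, which removes the protection IPsec is meant to add to the L2TP tunnels on every router this step configures. If the value is a placeholder substituted before publishing, say so in a comment; otherwise load a long random secret from outside the repository, e.g. `"ipsec-secret": os.environ["ROS_IPSEC_SECRET"]` (the variable name is a placeholder). The previous secret stays readable in the history and the same string is still used as the PPP `"password"` in `configJgOuts` and `configJgMixOuts`, so it should be treated as exposed and rotated. The bodies of these functions begin and end outside the hunks shown.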