Wifi Captive Portal

An implementation of a simple Captive Portal that allows
access to an IP network via forwarding on the same machine
running the GSM core network.

A Wifi AP could be connected to the ethernet port
specified in the hiera as wifi_if (default eth3)
Any Wifi AP can be used, and configured as desired.

In the future, maybe a RADIUS based solution could
supercede this.

modules/rhizo_base/manifests/init.pp

@@ -76,6 +76,10 @@ class rhizo_base {
   $bsc_ip_address  = hiera('rhizo::bsc_ip_address', '172.16.0.1')
   $vpn_ip_address  = hiera('rhizo::vpn_ip_address')
   $wan_ip_address  = hiera('rhizo::wan_ip_address')
+  $wifi_ip_address = hiera('rhizo::wifi_ip_address', '172.24.0.1')
+  $wifi_net        = hiera('rhizo::wifi_net', '172.24.0.0/16')
+  $wifi_dhcp_range = hiera('rhizo::wifi_dhcp_range', '172.24.0.1,172.24.100.254')
+  $wifi_dns        = hiera('rhizo::wifi_dns', '1.1.1.1')
   $sip_central_ip_address = hiera('rhizo::sip_central_ip_address')
   $webphone_prefix        = hiera('rhizo::webphone_prefix', '[]')
   $latency_check_address  = hiera('rhizo::latency_check_address','1.1.1.1')
@@ -87,6 +91,8 @@ class rhizo_base {
 
   $stats_disk = hiera('rhizo::stats_disk','sda1')
   $stats_if   = hiera('rhizo::stats_if','eth0')
+  $wifi_if    = hiera('rhizo::wifi_if','eth3')
+  $has_wifi   = hiera('rhizo::has_wifi', 0)
 
   # SITE settings
   # rate type can be "call" or "min"
@@ -200,6 +206,13 @@ class rhizo_base {
   if $has_vsat == 1 {
     include rhizo_base::sems
   }
+  if $has_wifi == 1 {
+    Firewall {
+      require => undef,
+    }
+    class { 'firewall': }
+    include rhizo_base::wifi
+  }
 
   sysctl { 'net.ipv4.ip_forward':
       value => '1'
@@ -333,6 +346,11 @@ schedule { 'never':
     $rsched = "never"
   }
 
+  service { 'apache2':
+    require => [ Package['apache2'], Vcsrepo['/var/rhizomatica'] ],
+    ensure => running,
+  }
+
   vcsrepo { '/var/rhizomatica':
       schedule => $rsched,
       ensure   => latest,