====== Carnet ======
<del>===== instalace debianu headless =====
  - napriklad na webu [[https://fai-project.org/FAIme/#|FAI]] vygenerujeme instalacni img 
  - vypalime na instalacni medium
  - vlozime img do ciloveho stroje, kde je cilove medium
  - cekame minimalne 20min
  - rebootneme do nainstalovaneho systemu

===== modem a ppp pres operatora =====
<code bash>apt install wvdial</code>
<code bash>nano /etc/wvdial.conf</code>
<file conf wvdial.conf>
[Dialer Defaults]
Modem = /dev/ttyUSB2
Modem Type = Analog Modem
ISDN*= 0
Baud = 460800
Dial Attempts = 1
Username = o2
Password = o2
Init1 = ATZ
Init2 = AT&F &D2 &C1
Init3 = ATS7=60 S30=0 S0=0
Init4 = AT+CGDCONT=1,"IP","internet"
Phone = *99#
Stupid Mode = 1
</file>
vyzkousime wvdial

pak do /etc/network/interfaces jako prvni
<code>auto ppp0
iface ppp0 inet wvdial</code>
a reboot, default routa by mela jit pres ppp0</del>

===== LTE =====
Uz nepouzivame vwdial, novejsi karty maji QMI.
Inicializace modemu a pripojeni
<code bash>mmcli --modem=0 --enable
mmcli -m 0 --simple-connect='apn=XXXX,ip-type=ipv4'
mmcli -m 0 --bearer=0
</code>
status overime
<code bash>mmcli -m 0</code>
pokud je pripojeno, zjistime IP interfacu a pridame ji wwan0
<code bash>ip link set wwan0 up
ip link set dev wwan0 mtu 1500
ip link set dev wwan0 arp off
ip addr add XXX.XXX.XXX.XXX/32 dev wwan0
ip route add default dev wwan0 metric 200
</code>


===== tunel =====
potrebujeme xl2tp:
upravit /etc/xl2tpd/xl2tpd.conf
<file conf xl2tpd.conf>
[global]
access control = no
auth file = /etc/ppp/chap-secrets
debug avp = no
debug network = no
debug packet = no
debug state = no
debug tunnel = no[lac “lns name you specified on the server”]
lns = “lns ip address (likely to be global address)”
redial = yes
redial timeout = 5
require chap = yes
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd
require pap = no
autodial = yes
name = “username for chap authentication”
</file>
  * upravime /etc/ppp/chap-secrets a dame tam usera a heslo pro tunel.
  * a nezapomeneme chmod 600 /etc/ppp/chap-secrets
<code>username * password *</code>
  * udelame /etc/ppp/options.l2tpd for a ppp control
<file conf options.l2tpd>
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
defaultroute
usepeerdns
debug
lock
connect-delay 5000
name "username for chap auth"
password "passworf for chap auth"
</file>
a nezapomenem na routy dle potreby

===== site =====
sit zrzky 10.133.33.0/24
sit octy 10.133.35.0/24
sit karkulky 10.133.1.31.0/24