viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(phpipam): scan London/Valchedrym via WireGuard tunnel

Browse source 
- pfsense-import CronJob now scans remote subnets (192.168.8.0/24,
  192.168.0.0/24) via parallel ping sweep through pfSense WG tunnel
- 13 London devices + 1 Valchedrym device discovered
- Known hosts named: ha-london, rpi-london, openwrt-london
- fping cron container fully removed

[ci skip]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Viktor Barzin 2026-04-10 20:58:49 +00:00
parent eec6af6aef
commit cddbb1c8b0
1 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

27
stacks/phpipam/main.tf
View file

@ -410,9 +410,22 @@ resource "kubernetes_cron_job_v1" "phpipam_pfsense_import" {
echo "=== Fetching ARP table ==="
ARP=$$(ssh admin@10.0.20.1 'arp -an' 2>/dev/null)
# 2b. Scan remote subnets via pfSense WireGuard tunnel (no ARP for L3 routed)
echo "=== Scanning remote subnets via WG tunnel ==="
REMOTE_HOSTS=$$(ssh admin@10.0.20.1 '
for subnet in "192.168.8" "192.168.0"; do
for i in $(seq 1 254); do
ping -c 1 -t 1 $${subnet}.$${i} >/dev/null 2>&1 && echo "$${subnet}.$${i}" &
done
done
wait
' 2>/dev/null)
echo "$$REMOTE_HOSTS" | grep -c . | xargs -I{} echo " Found {} remote hosts"
# 3. Parse and import into phpIPAM MySQL
echo "=== Importing into phpIPAM ==="
export LEASES_DATA="$$LEASES"
export REMOTE_HOSTS_DATA="$$REMOTE_HOSTS"
export ARP_DATA="$$ARP"
python3 << 'PYEOF'
import json, subprocess, sys, re, os
@ -508,6 +521,20 @@ for line in arp_raw.split("\n"):
updated_mac += 1
mysql_exec(f"UPDATE ipaddresses SET {','.join(updates)} WHERE ip_addr=INET_ATON('{ip}')")
# Import remote hosts (scanned via WG tunnel, no MAC available)
remote_raw = os.environ.get("REMOTE_HOSTS_DATA", "")
for line in remote_raw.split("\n"):
ip = line.strip()
if not ip or not re.match(r'\d+\.\d+\.\d+\.\d+', ip): continue
subnet_id = get_subnet_id(ip)
if not subnet_id: continue
if ip in existing: continue
if ip in {l["ip-address"] for l in leases}: continue
mysql_exec(f"INSERT INTO ipaddresses (ip_addr, subnetId, description, lastSeen) VALUES (INET_ATON('{ip}'), {subnet_id}, '-- wg tunnel scan --', NOW())")
imported += 1
print(f" NEW (wg) {ip}")
print(f"\nImported: {imported} new, Updated: {updated_mac} MACs, {updated_hostname} hostnames")
PYEOF
echo "Import complete"