fastd: Move null cipher to first position in cipher list

  Apparently a client will only connect with the null cipher if both client and
  server have the null cipher before other matching ciphers.

Signed-off-by: Maximilian Wilhelm <max@sdn.clinic>

fastd/fastd.conf

@@ -11,6 +11,9 @@ log to syslog level info;
 
 interface "{{ site }}_{{ network }}";
 
+{% if network_type == 'nodes' and 'batman_gw' in node_config.get ('roles') %}
+method "null";			# Null-cipher for node VPNs
+{%- endif %}
 {%- if 'aes' in grains.cpu_flags and grains.oscodename not in [ "stretch" ] %}
 method "aes128-gcm";
 method "aes128-ctr+umac";
@@ -19,11 +22,8 @@ method "aes128-ctr+umac";
 #method "aes128-ctr+umac";	# Not supported by CPU on this machine
 {%- endif %}
 method "salsa2012+umac";
-{%- if network_type == 'nodes' and 'batman_gw' in node_config.get ('roles') %}
-method "null";			# Null-cipher for node VPNs
-{% endif %}
 
-{#- Calculating FASTd port depending on network_type #}
+{# Calculating FASTd port depending on network_type #}
 {%- set port = -1 %}
 {%- if network_type == 'nodes' %}
   {%- set port = 10000 + site_no|int %}