centralize the declaration of the intranet ip plan

Jean-Marie Mineau 2021-04-23 19:14:28 +02:00
parent 3804edfa0a
commit b7ff3a6419
Signed by: histausse
GPG key ID: 67486F107F62E9E9
9 changed files with 56 additions and 12 deletions


@ -0,0 +1,40 @@
---
intranet:
domaine: "intra"
ipv4: "172.20.0.0"
netmaskv4: 16
comment: "The intranet"
subnets:
physical:
domaine: "phy"
ipv4: "172.20.1.0"
netmaskv4: 24
comment: "Physical machines"
subnets:
hindley:
domaine: "hindley"
ipv4: "172.20.1.1"
netmaskv4: 32
comment: "Hindley"
azerty:
domaine: "azerty"
ipv4: "172.20.1.2"
netmaskv4: 32
comment: "Azerty"
hellman:
domaine: "hellman"
ipv4: "172.20.1.3"
netmaskv4: 32
comment: "Hellman"
guest:
domaine: "guest"
ipv4: "172.20.200.0"
netmaskv4: 24
comment: "Gest machines"
subnets:
knuth:
domaine: "knuth"
ipv4: "172.20.200.1"
netmaskv4: 32
comment: "Knuth"
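Review bot: The `comment` of the `guest` subnet is misspelled as "Gest machines"; it should read `comment: "Guest machines"`. If these comment strings are copied into generated configuration, as the `comment` fields in `vpn_interfaces` suggest, the typo travels with them. The new file also has no header comment; a line such as `# Single source of truth for intranet addressing; host entries are /32 leaves under their subnet` would tell readers that nested `subnets` entries with `netmaskv4: 32` are individual machines.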


@ -1,3 +1,6 @@
--- ---
vpn_port: 51820 vpn_port: 51820
vpn_keepalive_period: 25 vpn_keepalive_period: 25
vpn_guest_keys:
knuth: "NVKyKcX6PEEApSZvAwnT9gfMmMo6o5Go5FtzEPvh+y8="


@ -4,8 +4,8 @@ interfaces:
ipv4: "10.50.1.221" ipv4: "10.50.1.221"
netmaskv4: 16 netmaskv4: 16
wg0: wg0:
ipv4: "172.20.1.2" ipv4: "{{ intranet.subnets.physical.subnets.azerty.ipv4 }}"
netmaskv4: 16 netmaskv4: "{{ intranet.netmaskv4 }}"
ipv4_forwarding: false ipv4_forwarding: false
ipv6_forwarding: false ipv6_forwarding: false
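Review bot: `netmaskv4: "{{ intranet.netmaskv4 }}"` replaces the literal integer 16 with a templated value, which may render as the string "16" depending on the Ansible version and whether native Jinja types are enabled. Any template or task that compares `interfaces.wg0.netmaskv4` numerically or does arithmetic on it (none is visible in this commit) would then behave differently; casting at the point of use with `| int` keeps that independent of the setting. The same substitution appears in the wg0 hunks of the two other host files and in `allowed_mask` in the `vpn_interfaces` hunk. The `interfaces` mapping starts above the hunk.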


@ -4,8 +4,8 @@ interfaces:
ipv4: "10.50.2.17" ipv4: "10.50.2.17"
netmaskv4: 16 netmaskv4: 16
wg0: wg0:
ipv4: "172.20.1.3" ipv4: "{{ intranet.subnets.physical.subnets.hellman.ipv4 }}"
netmaskv4: 16 netmaskv4: "{{ intranet.netmaskv4 }}"
ipv4_forwarding: false ipv4_forwarding: false
ipv6_forwarding: false ipv6_forwarding: false


@ -4,8 +4,8 @@ interfaces:
ipv4: "45.66.110.3" ipv4: "45.66.110.3"
netmaskv4: 24 netmaskv4: 24
wg0: wg0:
ipv4: "172.20.1.1" ipv4: "{{ intranet.subnets.physical.subnets.hindley.ipv4 }}"
netmaskv4: 16 netmaskv4: "{{ intranet.netmaskv4 }}"
ipv4_forwarding: true ipv4_forwarding: true
ipv6_forwarding: false ipv6_forwarding: false


@ -17,7 +17,8 @@ vpn_interfaces:
allowed_mask: 32 allowed_mask: 32
comment: "hellman" comment: "hellman"
- endpoint: "" - endpoint: ""
public_key: "NVKyKcX6PEEApSZvAwnT9gfMmMo6o5Go5FtzEPvh+y8=" public_key: "{{ vpn_guest_keys.knuth }}"
allowed_ip: "172.20.200.1" allowed_ip: "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}"
allowed_mask: 32 allowed_mask: "{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
comment: "Client laptop: knuth" comment: "Client laptop: knuth"
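Review bot: The guest peer's `allowed_mask` now follows `intranet.subnets.guest.subnets.knuth.netmaskv4`, so a later edit to the address plan that sets anything wider than 32 silently widens the source addresses this peer is allowed to use on the tunnel. For single-host peers it is safer to keep `allowed_mask: 32` literal here. Alternatively, guard the plan with an `ansible.builtin.assert` task whose `that:` checks `intranet.subnets.guest.subnets.knuth.netmaskv4 | int == 32` before the WireGuard configuration is rendered. The `vpn_interfaces` list starts above the hunk.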


@ -6,4 +6,4 @@
state: restarted state: restarted
loop: loop:
- "{{ lookup('dict', vpn_interfaces) }}" - "{{ lookup('dict', vpn_interfaces) }}"
no_log: true no_log: false
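Review bot: Changing `no_log: true` to `no_log: false` on this looped task makes Ansible print every item of `vpn_interfaces` in its output, and in any log or callback that records it; the next file section makes the same change. The peer entries visible in this commit hold only public keys and addresses, but if the interface dictionaries also carry a private or preshared key (not visible here), it would end up in those logs. If the goal was readable output while debugging, keep `no_log: true`, or add `loop_control:` with `label: "{{ item.key }}"` so the default output names the interface without dumping the whole item. The task starts above the hunk.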


@ -46,4 +46,4 @@
enabled: yes enabled: yes
loop: loop:
- "{{ lookup('dict', vpn_interfaces) }}" - "{{ lookup('dict', vpn_interfaces) }}"
no_log: true no_log: false


@ -2,4 +2,4 @@
eval `ssh-agent -s` eval `ssh-agent -s`
ssh-add ssh-add
ansible-playbook $1 ansible-playbook $*
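Review bot: `ansible-playbook $*` is unquoted, so the shell re-splits and glob-expands the arguments before ansible-playbook receives them; an argument such as an `-e` value containing a space arrives as two words. `ansible-playbook "$@"` forwards each argument intact. The ssh-agent started two lines earlier also keeps running with the key loaded after the playbook ends; `trap 'ssh-agent -k' EXIT` placed after the `eval` line would stop it. The script starts above the hunk.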