aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity
ansible/roles/nftables_router/templates/nftables.d/10-vars.conf.j2

82 lines
1.7 KiB
Text
Raw Permalink Normal View History

Create role for nftables router
2021-03-10 03:16:51 +01:00
{{ ansible_managed | comment }}
## Interconnexion
# Réseaux d'interconnexion
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define interco_v4 = {
{{ nftables_interco_v4 | join(",\n") | indent }}
}
define interco_v6 = {
{{ nftables_interco_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
## Administration
# Réseaux d'administration
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define adm_v4 = {
{{ nftables_adm_v4 | join(",\n") | indent }}
}
define adm_v6 = {
{{ nftables_adm_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
# Serveurs de centralisation des journaux
define syslog_adm_v4 = { 10.128.0.51 }
define syslog_adm_v6 = { 2a09:6840:128::251 }
# Adresses des bastions autorisés
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define bastions_v4 = {
{{ nftables_bastions_v4 | join(",\n") | indent }}
}
define bastions_v6 = {
{{ nftables_bastions_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
## Services
# Réseaux de services privés
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define svc_v4 = {
{{ nftables_svc_v4 | join(",\n") | indent }}
}
define svc_v6 = {
{{ nftables_svc_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
## Adhérents
# Réseaux des adhérents
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define members_v4 = {
{{ nftables_members_v4 | join(",\n") | indent }}
}
define members_v6 = {
{{ nftables_members_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
# Sous-réseau d'inscription des adhérents
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define signup_v4 = {
{{ nftables_signup_v4 | join(",\n") | indent }}
}
define signup_v6 = {
{{ nftables_signup_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
# Hôtes déclencheurs d'accès à Internet pour inscription
Indent nftables sets literals
2021-03-10 09:43:31 +01:00
define signup_triggers_v4 = {
{{ nftables_signup_triggers_v4 | join(",\n") | indent }}
}
define signup_triggers_v6 = {
{{ nftables_signup_triggers_v6 | join(",\n") | indent }}
}
Create role for nftables router
2021-03-10 03:16:51 +01:00
## NAT
# Interface sur laquelle appliquer le NAT
define wan_iface = "ens18"
Use group vars and rename some nftables vars
2021-03-10 08:29:15 +01:00
define members_nat_v4 = 92.222.211.198
Create role for nftables router
2021-03-10 03:16:51 +01:00
define any_nat_v4 = 92.222.211.198
Reference in a new issue Copy permalink