aurore/ansible
aurore/ansible
10
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity

firewall + dns: configuration reverse.pub & netbox.ext

Browse source
This commit is contained in:
korenstin 2025-10-13 23:57:52 +02:00
parent 8e8bf490b9
commit 2b624069ed
Signed by: korenstin
GPG key ID: 0FC4734F279D20A1
2 changed files with 23 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
group_vars/infra/firewall.yml
View file

@ -135,6 +135,10 @@ firewall__zones:
addrs: addrs:
- 2a09:6840:211::1:7 - 2a09:6840:211::1:7
- 10.211.1.7 - 10.211.1.7
netbox.ext:
addrs:
- 2a09:6840:211::1:8
- 10.211.1.8
ns-1.pub: ns-1.pub:
addrs: addrs:
- 2a09:6840:215::1:2 - 2a09:6840:215::1:2
@ -155,13 +159,15 @@ firewall__zones:
addrs: addrs:
- 45.66.111.216 - 45.66.111.216
- 2a09:6840:215::1:216 - 2a09:6840:215::1:216
log-1.int: reverse.pub:
addrs: addrs:
- 10.206.1.9 - 45.66.111.217
- 2a09:6840:215::1:217
log.int:
addrs:
- 10.206.1.9 # log-1
- 2a09:6840:206::1:9 - 2a09:6840:206::1:9
log-2.int: - 10.206.1.10 #log-2
addrs:
- 10.206.1.10
- 2a09:6840:206::1:10 - 2a09:6840:206::1:10
firewall__input: firewall__input:
@ -198,6 +204,12 @@ firewall__output:
- verdict: accept - verdict: accept
firewall__forward: firewall__forward:
- src: infra
dst: log.int
protocols:
tcp:
dport: 20514
verdict: accept
- src: back - src: back
dst: infra dst: infra
verdict: accept verdict: accept

6
host_vars/ns-master.int.infra.auro.re/knotd.yml
View file

@ -352,6 +352,9 @@ knotd__hosts:
grafana.ext: grafana.ext:
- 2a09:6840:211::1:7 - 2a09:6840:211::1:7
- 10.211.1.7 - 10.211.1.7
netbox.ext:
- 2a09:6840:211::1:8
- 10.211.1.8
proxy.pub: proxy.pub:
- 2a09:6840:215::1:1 - 2a09:6840:215::1:1
- 45.66.111.206 - 45.66.111.206
@ -369,6 +372,9 @@ knotd__hosts:
jitsi.pub: jitsi.pub:
- 45.66.111.216 - 45.66.111.216
- 2a09:6840:215::1:216 - 2a09:6840:215::1:216
reverse.pub:
- 45.66.111.217
- 2a09:6840:215::1:217
knotd__zones: knotd__zones:
auro.re: auro.re: