aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity

add gs dhcp, dns, routing

Browse source 
and add thor to inventory
This commit is contained in:
Yohaï-Eliel BERREBY 2020-07-06 18:40:54 +02:00
parent a6b15c0e10
commit 337906c6c0
6 changed files with 31 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
*.retry *.retry
tmp
ldap-password.txt ldap-password.txt

3
group_vars/all/vars.yml
View file

@ -77,5 +77,4 @@ radius_pg_replication_password: "{{ vault_re2o_db_user_passwords.replication }}"
radius_pg_re2o_ro_password: "{{ vault_re2o_db_user_passwords.re2o_ro }}" radius_pg_re2o_ro_password: "{{ vault_re2o_db_user_passwords.re2o_ro }}"
apartment_block_dhcp: "{{ apartment_block }}"

4
group_vars/gs/main.yml
View file

@ -1,5 +1,7 @@
--- ---
apartment_block: gs apartment_block: gs
apartment_block_dhcp: sand
apartment_block_id: 5 apartment_block_id: 5
router_ip_suffix: 240 router_ip_suffix: 254

19
hosts
View file

@ -121,17 +121,31 @@ ldap-replica-edc-backup.adm.auro.re
[gs_pve] [gs_pve]
perceval.adm.auro.re perceval.adm.auro.re
lancelot.adm.auro.re
odin.adm.auro.re
[gs_vm] [gs_vm]
dhcp-gs.adm.auro.re dhcp-gs.adm.auro.re
dhcp-gs-backup.adm.auro.re
dns-gs.adm.auro.re dns-gs.adm.auro.re
dns-gs-backup.adm.auro.re
routeur-gs.adm.auro.re routeur-gs.adm.auro.re
routeur-gs-backup.adm.auro.re
unifi-gs.adm.auro.re unifi-gs.adm.auro.re
radius-gs.adm.auro.re radius-gs.adm.auro.re
radius-gs-backup.adm.auro.re
prometheus-gs.adm.auro.re prometheus-gs.adm.auro.re
#inexistant : ldap-replica-gs.adm.auro.re #inexistant : ldap-replica-gs.adm.auro.re
#inexistant : ldap-replica-gs-backup.adm.auro.re #inexistant : ldap-replica-gs-backup.adm.auro.re
###############################################################################
# Les Rives
[rives_pve]
thor.adm.auro.re
############################################################################### ###############################################################################
# Groups by location # Groups by location
@ -164,6 +178,10 @@ edc_vm
gs_pve gs_pve
gs_vm gs_vm
# everything at Les Rives
[rives:children]
rives_pve
############################################################################### ###############################################################################
# Groups by type # Groups by type
@ -187,6 +205,7 @@ fleming_pve
pacaterie_pve pacaterie_pve
edc_pve edc_pve
gs_pve gs_pve
rives_pve
############################################################################### ###############################################################################

6
network.yml
View file

@ -1,7 +1,7 @@
#!/usr/bin/env ansible-playbook #!/usr/bin/env ansible-playbook
--- ---
# Set up DHCP servers. # Set up DHCP servers.
- hosts: dhcp-*.adm.auro.re, !dhcp-aurore*.adm.auro.re,!dhcp-gs*.adm.auro.re - hosts: dhcp-*.adm.auro.re, !dhcp-aurore*.adm.auro.re
vars: vars:
service_repo: https://gitlab.federez.net/re2o/dhcp.git service_repo: https://gitlab.federez.net/re2o/dhcp.git
service_name: dhcp service_name: dhcp
@ -16,13 +16,13 @@
# Deploy unbound DNS server (recursive). # Deploy unbound DNS server (recursive).
- hosts: dns-*.adm.auro.re,!dns-aurore*.adm.auro.re,!dns-gs*.adm.auro.re - hosts: dns-*.adm.auro.re,!dns-aurore*.adm.auro.re
roles: roles:
- unbound - unbound
# Déploiement du service re2o aurore-firewall et keepalived # Déploiement du service re2o aurore-firewall et keepalived
- hosts: ~routeur-(pacaterie|edc|fleming).*\.adm\.auro\.re - hosts: ~routeur-(pacaterie|edc|fleming|gs).*\.adm\.auro\.re
roles: roles:
- router - router

8
roles/isc-dhcp-server/templates/dhcp/dhcpd.conf.j2
View file

@ -43,12 +43,12 @@ subnet 10.{{ subnet_ids.users_wired }}.0.0 netmask 255.255.0.0 {
option subnet-mask 255.255.0.0; option subnet-mask 255.255.0.0;
option broadcast-address 10.{{ subnet_ids.users_wired }}.255.255; option broadcast-address 10.{{ subnet_ids.users_wired }}.255.255;
option routers 10.{{ subnet_ids.users_wired }}.0.{{ router_ip_suffix }}; option routers 10.{{ subnet_ids.users_wired }}.0.{{ router_ip_suffix }};
option domain-name "fil.{{ apartment_block }}.auro.re"; option domain-name "fil.{{ apartment_block_dhcp }}.auro.re";
option domain-search "auro.re"; option domain-search "auro.re";
option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; option domain-name-servers 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wired }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }};
include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block }}.auro.re.list"; include "/var/local/re2o-services/dhcp/generated/dhcp.fil.{{ apartment_block_dhcp }}.auro.re.list";
deny unknown-clients; deny unknown-clients;
} }
@ -60,12 +60,12 @@ subnet 10.{{ subnet_ids.users_wifi }}.0.0 netmask 255.255.0.0 {
option subnet-mask 255.255.0.0; option subnet-mask 255.255.0.0;
option broadcast-address 10.{{ subnet_ids.users_wifi }}.255.255; option broadcast-address 10.{{ subnet_ids.users_wifi }}.255.255;
option routers 10.{{ subnet_ids.users_wifi }}.0.{{ router_ip_suffix }}; option routers 10.{{ subnet_ids.users_wifi }}.0.{{ router_ip_suffix }};
option domain-name "wifi.{{ apartment_block }}.auro.re"; option domain-name "wifi.{{ apartment_block_dhcp }}.auro.re";
option domain-search "auro.re"; option domain-search "auro.re";
option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }}; option domain-name-servers 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_main }}, 10.{{ subnet_ids.users_wifi }}.0.{{ dns_host_suffix_backup }}, {{ backup_dns_servers|join(', ') }};
include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block }}.auro.re.list"; include "/var/local/re2o-services/dhcp/generated/dhcp.wifi.{{ apartment_block_dhcp }}.auro.re.list";
pool { pool {
range 10.{{ subnet_ids.users_wifi }}.8.0 10.{{ subnet_ids.users_wifi }}.10.255; range 10.{{ subnet_ids.users_wifi }}.8.0 10.{{ subnet_ids.users_wifi }}.10.255;