Add config vars for nftables_router

2021-03-10 08:28:16 +01:00 · 2021-03-10 08:28:16 +01:00 · 93c229203a
parent 8e7701423d
commit 93c229203a
1 changed files with 80 additions and 0 deletions
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@ -89,3 +89,83 @@ apartment_block_dhcp: "{{ apartment_block }}"
 ipv6_base_prefix: "2a09:6840"

 is_aurore_host: "{{ 'aurore_vm' in group_names }}"
+
+nftables_interco_v4:
+  - 10.129.0.0/16
+  - 192.168.0.0/31
+  - 192.168.0.2/31
+
+nftables_interco_v6:
+  - 2a09:6840:129::0/48
+
+nftables_adm_v4:
+  - 10.133.0.0/16
+
+nftables_adm_v6:
+  - 2a09:6840:133::0/48
+
+nftables_bastions_v4:
+  - 10.133.0.250
+
+nftables_bastions_v6:
+  - 2a09:6840:133::250
+
+nftables_svc_v4:
+  - 10.128.0.0/16
+  - 10.132.0.0/16
+
+nftables_svc_v6:
+  - 2a09:6840:128::0/48
+  - 2a09:6840:132::0/48
+
+nftables_members_v4:
+  - 10.10.0.0/16
+  - 10.11.0.0/16
+  - 10.20.0.0/16
+  - 10.21.0.0/16
+  - 10.30.0.0/16
+  - 10.31.0.0/16
+  - 10.40.0.0/16
+  - 10.41.0.0/16
+  - 10.50.0.0/16
+  - 10.51.0.0/16
+
+nftables_members_v6:
+  - 2a09:6840:10::0/48
+  - 2a09:6840:11::0/48
+  - 2a09:6840:12::0/48
+  - 2a09:6840:20::0/48
+  - 2a09:6840:21::0/48
+  - 2a09:6840:22::0/48
+  - 2a09:6840:30::0/48
+  - 2a09:6840:31::0/48
+  - 2a09:6840:32::0/48
+  - 2a09:6840:40::0/48
+  - 2a09:6840:41::0/48
+  - 2a09:6840:42::0/48
+  - 2a09:6840:50::0/48
+  - 2a09:6840:51::0/48
+  - 2a09:6840:52::0/48
+
+nftables_signup_v4:
+  - 10.13.0.0/16
+  - 10.23.0.0/16
+  - 10.33.0.0/16
+  - 10.43.0.0/16
+  - 10.53.0.0/16
+
+nftables_signup_v6:
+  - 2a09:6840:13::0/48
+  - 2a09:6840:23::0/48
+  - 2a09:6840:33::0/48
+  - 2a09:6840:43::0/48
+  - 2a09:6840:53::0/48
+
+nftables_signup_triggers_v4:
+  - 1.0.0.1
+  - 1.1.1.1
+
+nftables_signup_triggers_v6:
+  - 2606:4700:4700::1001
+  - 2606:4700:4700::1111
+...