81 lines
1.7 KiB
Django/Jinja
81 lines
1.7 KiB
Django/Jinja
{{ ansible_managed | comment }}
|
|
|
|
## Interconnexion
|
|
|
|
# Réseaux d'interconnexion
|
|
define interco_v4 = {
|
|
{{ nftables_interco_v4 | join(",\n") | indent }}
|
|
}
|
|
define interco_v6 = {
|
|
{{ nftables_interco_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
|
|
## Administration
|
|
|
|
# Réseaux d'administration
|
|
define adm_v4 = {
|
|
{{ nftables_adm_v4 | join(",\n") | indent }}
|
|
}
|
|
define adm_v6 = {
|
|
{{ nftables_adm_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
# Serveurs de centralisation des journaux
|
|
define syslog_adm_v4 = { 10.128.0.51 }
|
|
define syslog_adm_v6 = { 2a09:6840:128::251 }
|
|
|
|
# Adresses des bastions autorisés
|
|
define bastions_v4 = {
|
|
{{ nftables_bastions_v4 | join(",\n") | indent }}
|
|
}
|
|
define bastions_v6 = {
|
|
{{ nftables_bastions_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
|
|
## Services
|
|
|
|
# Réseaux de services privés
|
|
define svc_v4 = {
|
|
{{ nftables_svc_v4 | join(",\n") | indent }}
|
|
}
|
|
define svc_v6 = {
|
|
{{ nftables_svc_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
|
|
## Adhérents
|
|
|
|
# Réseaux des adhérents
|
|
define members_v4 = {
|
|
{{ nftables_members_v4 | join(",\n") | indent }}
|
|
}
|
|
define members_v6 = {
|
|
{{ nftables_members_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
# Sous-réseau d'inscription des adhérents
|
|
define signup_v4 = {
|
|
{{ nftables_signup_v4 | join(",\n") | indent }}
|
|
}
|
|
define signup_v6 = {
|
|
{{ nftables_signup_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
# Hôtes déclencheurs d'accès à Internet pour inscription
|
|
define signup_triggers_v4 = {
|
|
{{ nftables_signup_triggers_v4 | join(",\n") | indent }}
|
|
}
|
|
define signup_triggers_v6 = {
|
|
{{ nftables_signup_triggers_v6 | join(",\n") | indent }}
|
|
}
|
|
|
|
|
|
## NAT
|
|
|
|
# Interface sur laquelle appliquer le NAT
|
|
define wan_iface = "ens18"
|
|
|
|
define members_nat_v4 = 92.222.211.198
|
|
define any_nat_v4 = 92.222.211.198
|