459 lines
12 KiB
YAML
Executable file
459 lines
12 KiB
YAML
Executable file
#!/usr/bin/env ansible-playbook
|
|
---
|
|
- hosts:
|
|
- vm_network
|
|
vars:
|
|
ifupdown2__wireguard_proto: wireguard
|
|
ifupdown2__gateways:
|
|
adm:
|
|
- 2a09:6840:128::254
|
|
- 10.128.0.254
|
|
int:
|
|
- 2a09:6840:206::1
|
|
- 10.206.0.1
|
|
pub:
|
|
- 2a09:6840:111::254
|
|
- 45.66.111.254
|
|
ifupdown2__hosts_wireguard:
|
|
vpn-1.back.infra.auro.re:
|
|
wg0:
|
|
private_key: "{{ vault_wireguard_wg0_private }}"
|
|
listen_port: 5121
|
|
goto_table: bird
|
|
peer_allowed_addresses:
|
|
- 2a09:6840:212::1:1/128
|
|
- 10.212.1.1/32
|
|
peer_public_key: 0kP/XjaGOpu4p9KHTAoAhkLwXzC8wJUdPIdhdpgeKhY=
|
|
ifupdown2__hosts_base:
|
|
edge-1.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:2/64
|
|
- 10.128.10.2/16
|
|
crans0:
|
|
ipv6_addrgen: false
|
|
zayo0:
|
|
ipv6_addrgen: false
|
|
rezel0:
|
|
addresses:
|
|
- 2a09:6842:19:9116::1/64
|
|
- 45.66.111.1/29
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:1/64
|
|
- 10.203.1.1/16
|
|
viarezo0:
|
|
ipv6_addrgen: false
|
|
router0:
|
|
addresses:
|
|
- 2a09:6840:129::10:2/56
|
|
- 10.129.10.2/16
|
|
oti0:
|
|
addresses:
|
|
- 2a00:a4c0:100c:1::b/127
|
|
- 77.95.70.11/31
|
|
edge-2.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:102/64
|
|
- 10.128.10.102/16
|
|
crans0:
|
|
ipv6_addrgen: false
|
|
zayo0:
|
|
ipv6_addrgen: false
|
|
rezel0:
|
|
addresses:
|
|
- 2a09:6842:19:9116::3/64
|
|
- 45.66.111.3/29
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:2/64
|
|
- 10.203.1.2/16
|
|
viarezo0:
|
|
ipv6_addrgen: false
|
|
router0:
|
|
addresses:
|
|
- 2a09:6840:129::10:102/56
|
|
- 10.129.10.102/16
|
|
dns-1.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:3/64
|
|
- 10.128.10.3/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::2/64
|
|
- 10.206.0.2/16
|
|
dns-2.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:103/64
|
|
- 10.128.10.103/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::3/64
|
|
- 10.206.0.3/16
|
|
vpn-1.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:11/64
|
|
- 10.128.10.11/16
|
|
pub0:
|
|
addresses:
|
|
- 2a09:6840:207::118/64
|
|
- 45.66.111.118/24
|
|
vpn0:
|
|
addresses:
|
|
- 2a09:6840:213::1:3/64
|
|
- 10.213.1.3/16
|
|
vpn-2.mgmt.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:111/64
|
|
- 10.128.10.111/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:8/64
|
|
- 10.203.1.8/16
|
|
ssh-1.mgmt.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:1/64
|
|
- 10.128.10.1/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
pub0:
|
|
addresses:
|
|
- 2a09:6840:207::2/64
|
|
- 45.66.108.2/16
|
|
mgmt0:
|
|
addresses:
|
|
- 2a09:6840:211::1:1/64
|
|
- 10.211.1.1/16
|
|
ssh-2.mgmt.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:101/64
|
|
- 10.128.10.101/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
pub0:
|
|
addresses:
|
|
- 2a09:6840:207::3/64
|
|
- 45.66.108.3/16
|
|
mgmt0:
|
|
addresses:
|
|
- 2a09:6840:211::1:2/64
|
|
- 10.211.1.2/16
|
|
infra-1.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:4/64
|
|
- 10.128.10.4/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:3/64
|
|
- 10.203.1.3/16
|
|
vpn0:
|
|
addresses:
|
|
- 2a09:6840:213::1:1/64
|
|
- 10.213.1.1/16
|
|
monit0:
|
|
ipv6_addrgen: false
|
|
wifi0:
|
|
ipv6_addrgen: false
|
|
int0:
|
|
ipv6_addrgen: false
|
|
pub0:
|
|
ipv6_addrgen: false
|
|
bmc0:
|
|
ipv6_addrgen: false
|
|
pve0:
|
|
ipv6_addrgen: false
|
|
isp0:
|
|
ipv6_addrgen: false
|
|
mgmt0:
|
|
ipv6_addrgen: false
|
|
infra-2.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:104/64
|
|
- 10.128.10.104/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:4/64
|
|
- 10.203.1.4/16
|
|
monit0:
|
|
ipv6_addrgen: false
|
|
wifi0:
|
|
ipv6_addrgen: false
|
|
int0:
|
|
ipv6_addrgen: false
|
|
pub0:
|
|
ipv6_addrgen: false
|
|
bmc0:
|
|
ipv6_addrgen: false
|
|
pve0:
|
|
ipv6_addrgen: false
|
|
isp0:
|
|
ipv6_addrgen: false
|
|
mgmt0:
|
|
ipv6_addrgen: false
|
|
isp-1.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:5/64
|
|
- 10.128.10.5/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:5/64
|
|
- 10.203.1.5/16
|
|
trunk0:
|
|
ipv6_addrgen: false
|
|
clients0:
|
|
bridge_vlan_aware: true
|
|
bridge_ports:
|
|
- trunk0
|
|
bridge_vids:
|
|
- 1000-1004
|
|
bridge_disable_pvid: true
|
|
ipv6_addrgen: false
|
|
client0:
|
|
vlan_id: 1000
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client1:
|
|
vlan_id: 1001
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client2:
|
|
vlan_id: 1002
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client3:
|
|
vlan_id: 1003
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client4:
|
|
vlan_id: 1004
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
isp-2.back.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:105/64
|
|
- 10.128.10.105/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
back0:
|
|
addresses:
|
|
- 2a09:6840:203::1:6/64
|
|
- 10.203.1.6/16
|
|
trunk0:
|
|
ipv6_addrgen: false
|
|
clients0:
|
|
bridge_vlan_aware: true
|
|
bridge_ports:
|
|
- trunk0
|
|
bridge_vids:
|
|
- 1000-1004
|
|
bridge_disable_pvid: true
|
|
ipv6_addrgen: false
|
|
client0:
|
|
vlan_id: 1000
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client1:
|
|
vlan_id: 1001
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client2:
|
|
vlan_id: 1002
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client3:
|
|
vlan_id: 1003
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
client4:
|
|
vlan_id: 1004
|
|
vlan_raw_device: clients0
|
|
ipv6_addrgen: false
|
|
dhcp-1.isp.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:6/64
|
|
- 10.128.10.6/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
isp0:
|
|
addresses:
|
|
- 2a09:6840:210::1:1/64
|
|
- 10.210.1.1/16
|
|
trunk0: null
|
|
clients0:
|
|
bridge_vlan_aware: true
|
|
bridge_ports:
|
|
- trunk0
|
|
bridge_vids:
|
|
- 1000-1004
|
|
bridge_disable_pvid: true
|
|
ipv6_addrgen: false
|
|
client0:
|
|
addresses:
|
|
- 100.64.0.2/27
|
|
vlan_id: 1000
|
|
vlan_raw_device: clients0
|
|
client1:
|
|
addresses:
|
|
- 100.64.0.34/27
|
|
vlan_id: 1001
|
|
vlan_raw_device: clients0
|
|
client2:
|
|
addresses:
|
|
- 100.64.0.66/27
|
|
vlan_id: 1002
|
|
vlan_raw_device: clients0
|
|
client3:
|
|
addresses:
|
|
- 100.64.0.98/27
|
|
vlan_id: 1003
|
|
vlan_raw_device: clients0
|
|
client4:
|
|
addresses:
|
|
- 100.64.0.130/27
|
|
vlan_id: 1004
|
|
vlan_raw_device: clients0
|
|
dhcp-2.isp.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:106/64
|
|
- 10.128.10.106/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
isp0:
|
|
addresses:
|
|
- 2a09:6840:210::1:2/64
|
|
- 10.210.1.2/16
|
|
trunk0: null
|
|
clients0:
|
|
bridge_vlan_aware: true
|
|
bridge_ports:
|
|
- trunk0
|
|
bridge_vids:
|
|
- 1000-1004
|
|
bridge_disable_pvid: true
|
|
ipv6_addrgen: false
|
|
client0:
|
|
addresses:
|
|
- 100.64.0.3/27
|
|
vlan_id: 1000
|
|
vlan_raw_device: clients0
|
|
client1:
|
|
addresses:
|
|
- 100.64.0.35/27
|
|
vlan_id: 1001
|
|
vlan_raw_device: clients0
|
|
client2:
|
|
addresses:
|
|
- 100.64.0.67/27
|
|
vlan_id: 1002
|
|
vlan_raw_device: clients0
|
|
client3:
|
|
addresses:
|
|
- 100.64.0.99/27
|
|
vlan_id: 1003
|
|
vlan_raw_device: clients0
|
|
client4:
|
|
addresses:
|
|
- 100.64.0.131/27
|
|
vlan_id: 1004
|
|
vlan_raw_device: clients0
|
|
radius-1.isp.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:7/64
|
|
- 10.128.10.7/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
isp0:
|
|
addresses:
|
|
- 2a09:6840:210::1:3/64
|
|
- 10.210.1.3/16
|
|
radius-2.isp.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:107/64
|
|
- 10.128.10.107/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
isp0:
|
|
addresses:
|
|
- 2a09:6840:210::1:4/64
|
|
- 10.210.1.4/16
|
|
ldap-1.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:8/64
|
|
- 10.128.10.8/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::1:3/64
|
|
- 10.206.1.3/16
|
|
ldap-2.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:108/64
|
|
- 10.128.10.108/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::1:4/64
|
|
- 10.206.1.4/16
|
|
ntp-1.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:9/64
|
|
- 10.128.10.9/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::1:5/64
|
|
- 10.206.1.5/16
|
|
ntp-2.int.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:109/64
|
|
- 10.128.10.109/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
int0:
|
|
addresses:
|
|
- 2a09:6840:206::1:6/64
|
|
- 10.206.1.6/16
|
|
prometheus-1.monit.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:10/64
|
|
- 10.128.10.10/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
monit0:
|
|
addresses:
|
|
- 2a09:6840:204::1:1/64
|
|
- 10.204.1.1/16
|
|
prometheus-2.monit.infra.auro.re:
|
|
adm0:
|
|
addresses:
|
|
- 2a09:6840:128::10:110/64
|
|
- 10.128.10.110/16
|
|
gateways: "{{ ifupdown2__gateways.adm }}"
|
|
monit0:
|
|
addresses:
|
|
- 2a09:6840:204::1:2/64
|
|
- 10.204.1.2/16
|
|
ifupdown2__wireguard: "{{ ifupdown2__hosts_wireguard[inventory_hostname]
|
|
| default({}) }}"
|
|
ifupdown2__interfaces: "{{ ifupdown2__hosts_base[inventory_hostname] }}"
|
|
roles:
|
|
- ifupdown2
|
|
...
|