From 77cc80f79827fda3d83e9891b013cf25a6866ce8 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Fri, 19 Jan 2024 17:11:21 +0100
Subject: [PATCH 1/4] feat: add vyos credentials for rousseau
---
host_vars/rousseau.n39.eu/vars.yml | 3 +++
host_vars/rousseau.n39.eu/vault | 7 +++++++
2 files changed, 10 insertions(+)
create mode 100644 host_vars/rousseau.n39.eu/vars.yml
create mode 100644 host_vars/rousseau.n39.eu/vault
diff --git a/host_vars/rousseau.n39.eu/vars.yml b/host_vars/rousseau.n39.eu/vars.yml
new file mode 100644
index 0000000..6fbd481
--- /dev/null
+++ b/host_vars/rousseau.n39.eu/vars.yml
@@ -0,0 +1,3 @@
+---
+vyos_user: "vyos"
+vyos_password: "${vault_vyos_password}"
\ No newline at end of file
diff --git a/host_vars/rousseau.n39.eu/vault b/host_vars/rousseau.n39.eu/vault
new file mode 100644
index 0000000..1ae4ef1
--- /dev/null
+++ b/host_vars/rousseau.n39.eu/vault
@@ -0,0 +1,7 @@
+$ANSIBLE_VAULT;1.1;AES256
+34313039326636396362356562313833353261363465383232623762663861383634633661353366
+3765626463316130363661373632646532336138386332660a646433633838356131346466313134
+61363532353665353666326130356235303438613933613635356230306432633362393265363933
+3932616132623965320a313437346163303138313436313738663034393761363632323834323131
+39363538656230616461383738653038643230663939363330353535393932333462363937633262
+3831653565616135303032393066646232646432633132356330
From 5432c8b2b5df41f5189fcadef30fface8de9bc93 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Fri, 19 Jan 2024 17:57:17 +0100
Subject: [PATCH 2/4] feat: set correct vyos password for rosseau
---
host-rousseau.yml | 16 ++++++++++++++++
host_vars/rousseau.n39.eu/vars.yml | 2 +-
host_vars/rousseau.n39.eu/vault | 11 +++++------
3 files changed, 22 insertions(+), 7 deletions(-)
create mode 100644 host-rousseau.yml
diff --git a/host-rousseau.yml b/host-rousseau.yml
new file mode 100644
index 0000000..58b7c45
--- /dev/null
+++ b/host-rousseau.yml
@@ -0,0 +1,16 @@
+---
+- hosts: rousseau.n39.eu
+ become: true
+
+ vars:
+ ansible_python_interpreter: /usr/bin/python3
+
+ roles:
+
+ tasks:
+
+ - name: debug
+ ansible.builtin.debug:
+ msg: hello rousseau
+
+ handlers:
diff --git a/host_vars/rousseau.n39.eu/vars.yml b/host_vars/rousseau.n39.eu/vars.yml
index 6fbd481..86f0609 100644
--- a/host_vars/rousseau.n39.eu/vars.yml
+++ b/host_vars/rousseau.n39.eu/vars.yml
@@ -1,3 +1,3 @@
---
vyos_user: "vyos"
-vyos_password: "${vault_vyos_password}"
\ No newline at end of file
+vyos_password: "${{ vault_vyos_password }}"
\ No newline at end of file
diff --git a/host_vars/rousseau.n39.eu/vault b/host_vars/rousseau.n39.eu/vault
index 1ae4ef1..46cc8cd 100644
--- a/host_vars/rousseau.n39.eu/vault
+++ b/host_vars/rousseau.n39.eu/vault
@@ -1,7 +1,6 @@
$ANSIBLE_VAULT;1.1;AES256
-34313039326636396362356562313833353261363465383232623762663861383634633661353366
-3765626463316130363661373632646532336138386332660a646433633838356131346466313134
-61363532353665353666326130356235303438613933613635356230306432633362393265363933
-3932616132623965320a313437346163303138313436313738663034393761363632323834323131
-39363538656230616461383738653038643230663939363330353535393932333462363937633262
-3831653565616135303032393066646232646432633132356330
+61653838316339323134626339363035316239326637346534623263343732393865396538323063
+6538373236396131653532633134333035376666383262640a343961313831326634393166653539
+36376634353437346230323037656364636235336530396661653739626432373938646634663065
+6466363965396130650a376339356330313763383936326662663361366535306463333934356238
+37623336363637383233323966386231333437343435386462323532366461663364
From 45ffd0e23cfb1ad4c5120d8e1cfb26a2eeb48d3f Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Fri, 19 Jan 2024 19:20:52 +0100
Subject: [PATCH 3/4] zwischenstand
---
host-rousseau.yml | 16 -----
host-vyos.yml | 61 +++++++++++++++++++
host_vars/rousseau.n39.eu/vars.yml | 3 -
host_vars/vyos.n39.eu/vars.yml | 6 ++
.../{rousseau.n39.eu => vyos.n39.eu}/vault | 0
inventory.yml | 2 +
6 files changed, 69 insertions(+), 19 deletions(-)
delete mode 100644 host-rousseau.yml
create mode 100644 host-vyos.yml
delete mode 100644 host_vars/rousseau.n39.eu/vars.yml
create mode 100644 host_vars/vyos.n39.eu/vars.yml
rename host_vars/{rousseau.n39.eu => vyos.n39.eu}/vault (100%)
diff --git a/host-rousseau.yml b/host-rousseau.yml
deleted file mode 100644
index 58b7c45..0000000
--- a/host-rousseau.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-- hosts: rousseau.n39.eu
- become: true
-
- vars:
- ansible_python_interpreter: /usr/bin/python3
-
- roles:
-
- tasks:
-
- - name: debug
- ansible.builtin.debug:
- msg: hello rousseau
-
- handlers:
diff --git a/host-vyos.yml b/host-vyos.yml
new file mode 100644
index 0000000..4b0cf86
--- /dev/null
+++ b/host-vyos.yml
@@ -0,0 +1,61 @@
+---
+- hosts: vyos.n39.eu
+ become: true
+
+ vars:
+ ansible_python_interpreter: /usr/bin/python3
+
+ roles:
+
+ tasks:
+ - name: Replace provided configuration with device configuration
+ vyos.vyos.vyos_interfaces:
+ config:
+ - name: eth0
+ description: VLAN04 - Client Netz
+ - name: eth1
+ description: VLAN07 - Telekom Modem
+ - name: eth2
+ description: VLAN09 - DMZ
+ - name: eth3
+ description: VLAN71 - Telekom Status
+ - name: eth4
+ description: VLAN100 - RAW Internet
+ state: replaced
+
+ - name: Merge provided configuration with device configuration
+ vyos.vyos.vyos_l3_interfaces:
+ config:
+ - name: eth0
+ ipv4:
+ - address: 172.23.48.2/22
+ - name: eth2
+ ipv4:
+ - address: 172.23.52.2/22
+ - name: eth3
+ ipv4:
+ - address: 192.168.100.3/24
+ - name: eth4
+ ipv4:
+ - address: 192.168.39.1/24
+
+ - name: Configure a DHCP Server
+ vyos.vyos.vyos_config:
+ lines:
+ - set service dhcp-server disabled 'false'
+ - set service dhcp-server shared-network-name Client subnet 172.23.48.0/22 default-router '172.23.48.2' start '172.23.48.150' stop '172.23.51.250'
+ - set service dhcp-server shared-network-name Client subnet 172.23.52.0/22 default-router '172.23.52.2' start '172.23.53.0' stop '172.23.53.255'
+ - set service dhcp-server shared-network-name Client subnet 192.168.39.0/24 default-router '192.168.39.1'
+ save: yes
+
+ - name: And a DNS forwarder
+ vyos.vyos.vyos_config:
+ lines:
+ - set system static-host-mapping host-name
+ save: yes
+
+ handlers:
+ - name: restart
+ vyos.vyos.command:
+ commands:
+ - restart
diff --git a/host_vars/rousseau.n39.eu/vars.yml b/host_vars/rousseau.n39.eu/vars.yml
deleted file mode 100644
index 86f0609..0000000
--- a/host_vars/rousseau.n39.eu/vars.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-vyos_user: "vyos"
-vyos_password: "${{ vault_vyos_password }}"
\ No newline at end of file
diff --git a/host_vars/vyos.n39.eu/vars.yml b/host_vars/vyos.n39.eu/vars.yml
new file mode 100644
index 0000000..8a89c21
--- /dev/null
+++ b/host_vars/vyos.n39.eu/vars.yml
@@ -0,0 +1,6 @@
+---
+ansible_user: vyos
+ansible_connection: ansible.netcommon.network_cli
+ansible_network_os: vyos
+vyos_user: "vyos"
+vyos_password: "${{ vault_vyos_password }}"
\ No newline at end of file
diff --git a/host_vars/rousseau.n39.eu/vault b/host_vars/vyos.n39.eu/vault
similarity index 100%
rename from host_vars/rousseau.n39.eu/vault
rename to host_vars/vyos.n39.eu/vault
diff --git a/inventory.yml b/inventory.yml
index b1513b4..340e3e1 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -18,6 +18,7 @@ all:
k3s-w1.n39.eu:
k3s-w2.n39.eu:
k3s-w3.n39.eu:
+ # vyos.n39.eu:
children:
docker_host:
@@ -61,6 +62,7 @@ all:
k3s-w1.n39.eu:
k3s-w2.n39.eu:
k3s-w3.n39.eu:
+ rousseau.n39.eu:
location_internet:
hosts:
tau.netz39.de:
From a12729ba3b6863535cd6e6db14464af8cf4b52d9 Mon Sep 17 00:00:00 2001
From: David Kilias <david.kilias@gmail.com>
Date: Sat, 20 Jan 2024 17:21:45 +0100
Subject: [PATCH 4/4] feat: add dns_dhcp for vyos
---
host-vyos.yml | 51 ++++++++++++++++++++----------
host_vars/vyos.n39.eu/dns-dhcp.yml | 44 ++++++++++++++++++++++++++
2 files changed, 78 insertions(+), 17 deletions(-)
create mode 100644 host_vars/vyos.n39.eu/dns-dhcp.yml
diff --git a/host-vyos.yml b/host-vyos.yml
index 4b0cf86..6429c07 100644
--- a/host-vyos.yml
+++ b/host-vyos.yml
@@ -8,42 +8,58 @@
roles:
tasks:
+
+ - name: Configure a DHCP Server
+ vyos.vyos.vyos_config:
+ lines:
+ - set system option keyboard-layout 'de'
+
- name: Replace provided configuration with device configuration
vyos.vyos.vyos_interfaces:
config:
- name: eth0
- description: VLAN04 - Client Netz
- - name: eth1
- description: VLAN07 - Telekom Modem
- - name: eth2
- description: VLAN09 - DMZ
- - name: eth3
- description: VLAN71 - Telekom Status
- - name: eth4
- description: VLAN100 - RAW Internet
+ description: Trunk
+ vifs:
+ - vlan_id: 1
+ description: VIF 1 - mgmt
+ - vlan_id: 4
+ description: VIF 4 - user
+ - vlan_id: 7
+ description: VIF 7 - telekom pppoe
+ - vlan_id: 9
+ description: VIF 9 - dmz
+ - vlan_id: 71
+ description: VIF 71 - telekom status
+ - vlan_id: 100
+ description: VIF 100 - RAW Internet
state: replaced
- name: Merge provided configuration with device configuration
vyos.vyos.vyos_l3_interfaces:
config:
- - name: eth0
+ - name: eth0.1
ipv4:
- - address: 172.23.48.2/22
- - name: eth2
+ - address: 172.23.63.2/24
+ - name: eth0.4
+ ipv4:
+ - address: 172.23.48.4/22
+ - name: eth0.9
ipv4:
- address: 172.23.52.2/22
- - name: eth3
+ - name: eth0.71
ipv4:
- address: 192.168.100.3/24
- - name: eth4
+ - name: eth0.100
ipv4:
- address: 192.168.39.1/24
+ state: replaced
- name: Configure a DHCP Server
vyos.vyos.vyos_config:
lines:
- - set service dhcp-server disabled 'false'
- - set service dhcp-server shared-network-name Client subnet 172.23.48.0/22 default-router '172.23.48.2' start '172.23.48.150' stop '172.23.51.250'
+ - set service dhcp-server disabled 'false'
+ - set service dhcp-server shared-network-name Client subnet 172.23.63.0/24 default-router '172.23.63.2'
+ - set service dhcp-server shared-network-name Client subnet 172.23.48.0/22 default-router '172.23.48.4' start '172.23.48.150' stop '172.23.51.250'
- set service dhcp-server shared-network-name Client subnet 172.23.52.0/22 default-router '172.23.52.2' start '172.23.53.0' stop '172.23.53.255'
- set service dhcp-server shared-network-name Client subnet 192.168.39.0/24 default-router '192.168.39.1'
save: yes
@@ -51,7 +67,8 @@
- name: And a DNS forwarder
vyos.vyos.vyos_config:
lines:
- - set system static-host-mapping host-name
+ - set system static-host-mapping host-name ipv6.host.domain.loc inet xxxx:xxxx:xxxx:xxxx::x
+ - set system static-host-mapping host-name ipv6.host.domain.loc alias host.domain.loc
save: yes
handlers:
diff --git a/host_vars/vyos.n39.eu/dns-dhcp.yml b/host_vars/vyos.n39.eu/dns-dhcp.yml
new file mode 100644
index 0000000..46d4184
--- /dev/null
+++ b/host_vars/vyos.n39.eu/dns-dhcp.yml
@@ -0,0 +1,44 @@
+entries:
+- hostname: sw-1
+ mac: 00:0f:cb:ed:5e:e0
+ address: 172.23.63.34
+ # aliases:
+ # - name:
+- hostname: sw-4
+ mac: 00:1e:8c:74:79:62
+ address: 172.23.63.35
+ aliases:
+ - name: gx-2124x.n39.eu
+- hostname: beaker-mgmt
+ mac: 00:19:99:ec:07:5d
+ address: 172.23.63.43
+- hostname: sw-2.n39.eu
+ mac: 10:0d:7f:4a:c0:21
+ address: 172.23.63.94
+ aliases:
+ - name: gs108tv2-1.n39.eu
+- hostname: sw-3.n39.eu
+ mac: 20:0c:c8:4e:2c:56
+ address: 172.23.63.104
+ aliases:
+ - name: gs105pe-1.n39.eu
+- hostname: pottwal.n39.eu
+ mac: 52:82:de:fc:1e:94
+ address: 172.23.52.44
+ aliases:
+ - name: apt-proxy.n39.eu
+ - name: label.n39.eu
+ - name: syslog.n39.eu
+ - name: pad.n39.eu
+ - name: git.n39.eu
+ - name: uritools.n39.eu
+ - name: uritools-api.n39.eu
+ - name: uptime.n39.eu
+ - name: redmine.n39.eu
+ - name: influx.n39.eu
+ - name: jabber.n39.eu
+ - name: conference.jabber.n39.eu
+ - name: grafana.n39.eu
+ - name: inventory.n39.eu
+ - name: sl.n39.eu
+ - name: spaceapi.n39.eu
\ No newline at end of file