diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2020-06-24 03:01:50 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2020-06-24 03:01:50 +0200 |
| commit | 31e88617f11109078b44327b2abae8f9768e10f7 (patch) | |
| tree | 7138ae1d6376a216e2eaa6658140d2a13e287841 /inventory | |
| parent | sk-tomnext-hp: final install (diff) | |
update ch-router and add ch-nic
Diffstat (limited to 'inventory')
| -rw-r--r-- | inventory/group_vars/chaos-at-home/network.yml | 1 | ||||
| -rw-r--r-- | inventory/host_vars/ch-nic.yml | 32 | ||||
| -rw-r--r-- | inventory/host_vars/ch-router.yml | 7 | ||||
| -rw-r--r-- | inventory/hosts.ini | 2 |
4 files changed, 40 insertions, 2 deletions
diff --git a/inventory/group_vars/chaos-at-home/network.yml b/inventory/group_vars/chaos-at-home/network.yml index f2a5e878..f33235d1 100644 --- a/inventory/group_vars/chaos-at-home/network.yml +++ b/inventory/group_vars/chaos-at-home/network.yml @@ -43,6 +43,7 @@ network_zones: ch-jump: 22 ch-gw-lan: 28 ch-stats: 10 + ch-nic: 53 ch-web: 80 ch-mail: 143 ch-router-obsd: 253 diff --git a/inventory/host_vars/ch-nic.yml b/inventory/host_vars/ch-nic.yml new file mode 100644 index 00000000..d26b1c40 --- /dev/null +++ b/inventory/host_vars/ch-nic.yml @@ -0,0 +1,32 @@ +--- +install: + vm: + mem: 768 + numcpu: 2 + autostart: True + disks: + primary: /dev/sda + scsi: + sda: + type: lvm + vg: "{{ hostvars[vm_host.name].host_name }}" + lv: "{{ inventory_hostname }}" + size: 10g + interfaces: + - bridge: br-svc + name: svc0 + +network: + nameservers: "{{ network_zones.svc.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: &_network_primary_ + name: svc0 + address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.svc.gateway }}" + static_routes: + - destination: "{{ network_zones.lan.prefix }}" + gateway: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ipaddr('address') }}" + interfaces: + - *_network_primary_ diff --git a/inventory/host_vars/ch-router.yml b/inventory/host_vars/ch-router.yml index 19622983..22864a59 100644 --- a/inventory/host_vars/ch-router.yml +++ b/inventory/host_vars/ch-router.yml @@ -1,6 +1,6 @@ --- openwrt_variant: openwrt -openwrt_release: 18.06.4 +openwrt_release: 19.07.3 openwrt_arch: x86 openwrt_target: 64 openwrt_profile: Generic @@ -153,6 +153,9 @@ openwrt_mixin: iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 2342 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-jump']) | ipaddr('address') }}" iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-jump']) | ipaddr('address') }}" -p tcp --dport 2342 -j ACCEPT + iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 53 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-nic']) | ipaddr('address') }}" + iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-nic']) | ipaddr('address') }}" -p tcp --dport 53 -j ACCEPT + iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 80 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}" iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 443 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}" iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}" -p tcp --dport 80 -j ACCEPT @@ -303,7 +306,7 @@ openwrt_uci: virsh_domxml: | <domain type='kvm'> - <name>router</name> + <name>ch-router</name> <memory>131072</memory> <currentMemory>131072</currentMemory> <vcpu>2</vcpu> diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 68f2383e..c3f1c7ee 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -24,6 +24,7 @@ ch-router host_name=router ch-router-obsd host_name=router ch-gw-lan host_name=gw-lan ch-jump host_name=jump ansible_port=2342 ansible_host=ch-jump +ch-nic host_name=nic ch-hroottest host_name=hroot-test ch-hroottest-vm1 host_name=hroot-test-vm1 ch-hroottest-obsd host_name=hroot-test-obsd @@ -225,6 +226,7 @@ ch-router ch-router-obsd ch-jump ch-gw-lan +ch-nic [vmhost-ch-gnocchi] ch-gnocchi [vmhost-ch-gnocchi:children] |