summaryrefslogtreecommitdiff
path: root/inventory
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2022-12-05 01:04:27 +0100
committerChristian Pointner <equinox@spreadspace.org>2022-12-05 01:04:27 +0100
commit562d174484f41bef84eeb3a41f757e01f570b126 (patch)
tree3a6f3227a246d2924a3b9e65d4635f6d54d22216 /inventory
parentch-equinox-(t450s|ws): add dia (diff)
add ch-atlas and sk-2019vm to backup list for ch-epimetheus
Diffstat (limited to 'inventory')
-rw-r--r--inventory/host_vars/ch-atlas.yml4
-rw-r--r--inventory/host_vars/ch-epimetheus.yml20
-rw-r--r--inventory/host_vars/ch-testvm-prometheus.yml50
-rw-r--r--inventory/host_vars/sk-2019vm.yml5
4 files changed, 79 insertions, 0 deletions
diff --git a/inventory/host_vars/ch-atlas.yml b/inventory/host_vars/ch-atlas.yml
index de2383e7..6039f0d9 100644
--- a/inventory/host_vars/ch-atlas.yml
+++ b/inventory/host_vars/ch-atlas.yml
@@ -25,6 +25,10 @@ network:
- 502
+ssh_keys_root_extra:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus
+
+
apt_repo_components:
- main
- contrib ## for zfs
diff --git a/inventory/host_vars/ch-epimetheus.yml b/inventory/host_vars/ch-epimetheus.yml
index a4e233fa..f6a6af77 100644
--- a/inventory/host_vars/ch-epimetheus.yml
+++ b/inventory/host_vars/ch-epimetheus.yml
@@ -149,6 +149,26 @@ zfs_syncoid_sources:
storage:
recursive: yes
skip_parent: yes
+ 'ch-atlas':
+ ssh_hostname: "{{ hostvars['ch-atlas'].vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(hostvars['ch-atlas'].vm_host.network.bridges.public.offsets['ch-atlas']) | ansible.utils.ipaddr('address') }}"
+ ssh_port: "{{ hostvars['ch-atlas'].ansible_port }}"
+ report_prometheus_textfile_path: "/var/lib/prometheus-node-exporter/textfile-collector"
+ periodic:
+ schedule: "*-*-* 00,06,12,18:05:00"
+ timeout: 5h
+ paths:
+ ssd/vm:
+ recursive: yes
+ skip_parent: yes
+ 'sk-2019vm':
+ ssh_hostname: "{{ hostvars['sk-2019vm'].external_ip }}"
+ ssh_port: "{{ hostvars['sk-2019vm'].ansible_port }}"
+ paths:
+ #storage/mas: {}
+ storage/streamstats: {}
+ storage/vm:
+ recursive: yes
+ skip_parent: yes
'ch-equinox-t450s':
ssh_hostname: 192.168.28.139
ssh_port: 222
diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml
index f95366b0..2eaa0f90 100644
--- a/inventory/host_vars/ch-testvm-prometheus.yml
+++ b/inventory/host_vars/ch-testvm-prometheus.yml
@@ -33,3 +33,53 @@ network:
gateway: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ansible.utils.ipaddr('address') }}"
interfaces:
- *_network_primary_
+
+
+
+
+postfix_base_mynetworks:
+ - "127.0.0.0/8"
+ - "[::ffff:127.0.0.0]/104"
+ - "[::1]/128"
+ - "{{ network_zones.svc.prefix }}"
+ - "{{ network_zones.lan.prefix | ansible.utils.ipaddr(network_zones.lan.offsets['bigmama']) | ansible.utils.ipaddr('address') }}/32"
+ - "{{ network_zones.legacy.prefix }}" ## TODO: remove once all mail sending hosts are moved out of legacy
+
+postfix_base_mydestination:
+ - "$myhostname"
+ - "{{ host_name }}.{{ host_domain }}"
+ - "localhost"
+ - mailrelay.helsinki.at
+
+postfix_base_inet_interfaces:
+ - "all"
+
+
+postfix_relay_hostname: mailrelay.helsinki.at
+
+postfix_relay_sender_canonical_maps:
+ rewrite_helsinki_subdomains:
+ type: regexp
+ content: |
+ /^(.+)@(.+)\.helsinki\.at$/i ${1}%${2}@helsinki.at
+
+postfix_relay_local_header_rewrite_clients:
+ - "permit_inet_interfaces"
+ - "permit_mynetworks"
+
+postfix_relay_tls:
+ acme: yes
+ acme_challenge_nginx_is_default_server: yes
+
+postfix_relay_auth_saslauthd:
+ mechanism: ldap
+ ldap_options:
+ auth_method: fastbind
+ servers: ldap://ldap.helsinki.at
+ start_tls: yes
+ tls_check_peer: yes
+ tls_cacert_file: "{{ global_files_dir }}/common/ldapscert.pem"
+ filter: "uid=%u,ou=People,dc=helsinki,dc=at"
+
+postfix_relay_allowed_sender_domains:
+ - helsinki.at
diff --git a/inventory/host_vars/sk-2019vm.yml b/inventory/host_vars/sk-2019vm.yml
index 39d280bc..97957fe6 100644
--- a/inventory/host_vars/sk-2019vm.yml
+++ b/inventory/host_vars/sk-2019vm.yml
@@ -21,11 +21,16 @@ network:
- name: br-public
address: "{{ vm_host.network.bridges.public.prefix | ansible.utils.ipaddr(vm_host.network.bridges.public.offsets[inventory_hostname]) }}"
+external_ip: "94.130.129.165"
+
base_intel_nic_stability_fix: true
ssh_users_root:
- equinox
- dan
+ssh_keys_root_extra:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZK9NBainiE0+A8pT8dbwlNZ0k0AZVhLTzUSo3YtKJt ZFS Backup syncoid@epimetheus
+
apt_repo_components:
- main
- contrib ## for zfs