2 files changed, 37 insertions, 2 deletions
diff --git a/inventory/host_vars/ch-nic.yml b/inventory/host_vars/ch-nic.yml
new file mode 100644
index 00000000..d26b1c40
--- /dev/null
+++ b/inventory/host_vars/ch-nic.yml
@@ -0,0 +1,32 @@
+---
+install:
+  vm:
+    mem: 768
+    numcpu: 2
+    autostart: True
+  disks:
+    primary: /dev/sda
+    scsi:
+      sda:
+        type: lvm
+        vg: "{{ hostvars[vm_host.name].host_name }}"
+        lv: "{{ inventory_hostname }}"
+        size: 10g
+  interfaces:
+  - bridge: br-svc
+    name: svc0
+
+network:
+  nameservers: "{{ network_zones.svc.dns }}"
+  domain: "{{ host_domain }}"
+  systemd_link:
+    interfaces: "{{ install.interfaces }}"
+  primary: &_network_primary_
+    name: svc0
+    address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}"
+    gateway: "{{ network_zones.svc.gateway }}"
+    static_routes:
+    - destination: "{{ network_zones.lan.prefix }}"
+      gateway: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ipaddr('address') }}"
+  interfaces:
+  - *_network_primary_
diff --git a/inventory/host_vars/ch-router.yml b/inventory/host_vars/ch-router.yml
index 19622983..22864a59 100644
--- a/inventory/host_vars/ch-router.yml
+++ b/inventory/host_vars/ch-router.yml
@@ -1,6 +1,6 @@
 ---
 openwrt_variant: openwrt
-openwrt_release: 18.06.4
+openwrt_release: 19.07.3
 openwrt_arch: x86
 openwrt_target: 64
 openwrt_profile: Generic
@@ -153,6 +153,9 @@ openwrt_mixin:
         iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 2342 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-jump']) | ipaddr('address') }}"
         iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-jump']) | ipaddr('address') }}" -p tcp --dport 2342 -j ACCEPT
 
+        iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 53 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-nic']) | ipaddr('address') }}"
+        iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-nic']) | ipaddr('address') }}" -p tcp --dport 53 -j ACCEPT
+
         iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 80 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}"
         iptables -t nat -A PREROUTING -i "$MAGENTA_IF" -d "$MAGENTA_IPADDR" -p tcp --dport 443 -j DNAT --to "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}"
         iptables -A FORWARD -i "$MAGENTA_IF" -o "$SVC_IF" -d "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-web']) | ipaddr('address') }}" -p tcp --dport 80 -j ACCEPT
@@ -303,7 +306,7 @@ openwrt_uci:
 
 virsh_domxml: |
   <domain type='kvm'>
-    <name>router</name>
+    <name>ch-router</name>
     <memory>131072</memory>
     <currentMemory>131072</currentMemory>
     <vcpu>2</vcpu>