diff options
Diffstat (limited to 'inventory')
-rw-r--r-- | inventory/group_vars/chaos-at-home/network.yml | 1 | ||||
-rw-r--r-- | inventory/host_vars/ch-vpn.yml | 33 | ||||
-rw-r--r-- | inventory/hosts.ini | 2 |
3 files changed, 36 insertions, 0 deletions
diff --git a/inventory/group_vars/chaos-at-home/network.yml b/inventory/group_vars/chaos-at-home/network.yml index 0c637010..0ad3f5a4 100644 --- a/inventory/group_vars/chaos-at-home/network.yml +++ b/inventory/group_vars/chaos-at-home/network.yml @@ -54,6 +54,7 @@ network_zones: ch-apps: 1 ch-http-proxy: 8 ch-imap-proxy: 9 + ch-vpn: 10 ch-k8s-master: 20 ch-jump: 22 ch-gw-lan: 28 diff --git a/inventory/host_vars/ch-vpn.yml b/inventory/host_vars/ch-vpn.yml new file mode 100644 index 00000000..193d7417 --- /dev/null +++ b/inventory/host_vars/ch-vpn.yml @@ -0,0 +1,33 @@ +--- +install_jumphost: ch-jump + +install: + vm: + memory: 2G + numcpus: 2 + autostart: yes + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 20g + interfaces: + - bridge: br-svc + name: svc0 + +network: + nameservers: "{{ network_zones.svc.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: &_network_primary_ + name: svc0 + address: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.svc.gateway }}" + static_routes: + - destination: "{{ network_zones.lan.prefix }}" + gateway: "{{ network_zones.svc.prefix | ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ipaddr('address') }}" + interfaces: + - *_network_primary_ diff --git a/inventory/hosts.ini b/inventory/hosts.ini index f8de1d26..f7160fb3 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -29,6 +29,7 @@ ch-auth-legacy host_name=auth ch-prometheus-legacy host_name=prometheus ch-testvm-prometheus host_name=testvm-prometheus ch-iot host_name=iot +ch-vpn host_name=vpn ch-epimetheus host_name=epimetheus ch-atlas host_name=atlas ch-pan host_name=pan @@ -286,6 +287,7 @@ ch-auth-legacy ch-prometheus-legacy ch-testvm-prometheus ch-iot +ch-vpn ch-k8s-master [vmhost-ch-prometheus] ch-prometheus |