From 10ab1cc7760172961e7b85d7b08b40d8ae455474 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Fri, 6 Sep 2019 23:38:59 +0200 Subject: revert to sane group-names... step 2 of n --- dan/ele-ap.yml | 2 +- dan/ele-dolmetsch-ctl.yml | 2 +- dan/ele-dolmetsch-raspi.yml | 2 +- dan/group_vars/elevate-festival.yml | 14 +++ dan/group_vars/elevate_festival.yml | 14 --- inventory/group_vars/dolmetsch-ctl/main.yml | 150 ++++++++++++++++++++++++ inventory/group_vars/dolmetsch_ctl/main.yml | 150 ------------------------ inventory/group_vars/ele-ap/main.yml | 58 +++++++++ inventory/group_vars/ele-dolmetsch-ctl/main.yml | 3 + inventory/group_vars/ele-infobeamer/main.yml | 12 ++ inventory/group_vars/ele_ap/main.yml | 58 --------- inventory/group_vars/ele_dolmetsch_ctl/main.yml | 3 - inventory/group_vars/ele_infobeamer/main.yml | 12 -- inventory/group_vars/elevate-festival/main.yml | 130 ++++++++++++++++++++ inventory/group_vars/elevate_festival/main.yml | 130 -------------------- inventory/group_vars/emc-xx/main.yml | 2 + inventory/group_vars/emc_xx/main.yml | 2 - inventory/group_vars/k8s-emc/main.yml | 46 ++++++++ inventory/group_vars/k8s-test/main.yml | 2 + inventory/group_vars/k8s_emc/main.yml | 46 -------- inventory/group_vars/k8s_test/main.yml | 2 - inventory/hosts.ini | 70 +++++------ roles/prepare-dkms/tasks/main.yml | 4 +- spreadspace/acme-emc.yml | 2 +- spreadspace/emc-dist.yml | 2 +- spreadspace/emc-xx.yml | 2 +- spreadspace/k8s-emc.yml | 6 +- 27 files changed, 463 insertions(+), 463 deletions(-) create mode 100644 dan/group_vars/elevate-festival.yml delete mode 100644 dan/group_vars/elevate_festival.yml create mode 100644 inventory/group_vars/dolmetsch-ctl/main.yml delete mode 100644 inventory/group_vars/dolmetsch_ctl/main.yml create mode 100644 inventory/group_vars/ele-ap/main.yml create mode 100644 inventory/group_vars/ele-dolmetsch-ctl/main.yml create mode 100644 inventory/group_vars/ele-infobeamer/main.yml delete mode 100644 inventory/group_vars/ele_ap/main.yml delete mode 100644 inventory/group_vars/ele_dolmetsch_ctl/main.yml delete mode 100644 inventory/group_vars/ele_infobeamer/main.yml create mode 100644 inventory/group_vars/elevate-festival/main.yml delete mode 100644 inventory/group_vars/elevate_festival/main.yml create mode 100644 inventory/group_vars/emc-xx/main.yml delete mode 100644 inventory/group_vars/emc_xx/main.yml create mode 100644 inventory/group_vars/k8s-emc/main.yml create mode 100644 inventory/group_vars/k8s-test/main.yml delete mode 100644 inventory/group_vars/k8s_emc/main.yml delete mode 100644 inventory/group_vars/k8s_test/main.yml diff --git a/dan/ele-ap.yml b/dan/ele-ap.yml index 4eebf849..a64ed8a4 100644 --- a/dan/ele-ap.yml +++ b/dan/ele-ap.yml @@ -1,5 +1,5 @@ --- -- hosts: ele_ap +- hosts: ele-ap connection: local roles: - role: openwrt/image diff --git a/dan/ele-dolmetsch-ctl.yml b/dan/ele-dolmetsch-ctl.yml index 48e0a101..d16cfbdb 100644 --- a/dan/ele-dolmetsch-ctl.yml +++ b/dan/ele-dolmetsch-ctl.yml @@ -1,5 +1,5 @@ --- -- hosts: ele_dolmetsch_ctl +- hosts: ele-dolmetsch-ctl connection: local roles: - role: openwrt/image diff --git a/dan/ele-dolmetsch-raspi.yml b/dan/ele-dolmetsch-raspi.yml index 386dbebc..5b1068e0 100644 --- a/dan/ele-dolmetsch-raspi.yml +++ b/dan/ele-dolmetsch-raspi.yml @@ -1,5 +1,5 @@ --- -- hosts: ele_dolmetsch_raspi +- hosts: ele-dolmetsch-raspi roles: - role: slim/raspbian - role: base diff --git a/dan/group_vars/elevate-festival.yml b/dan/group_vars/elevate-festival.yml new file mode 100644 index 00000000..15ceffe4 --- /dev/null +++ b/dan/group_vars/elevate-festival.yml @@ -0,0 +1,14 @@ +$ANSIBLE_VAULT;1.2;AES256;dan +61316632366662306165383263396166313836653634303662633263386565383963313834333564 +3430306339623039323531356461306531343430653632340a666532356466303130663232363465 +37313431343730313731643735393035623232346638363065386533646539323233653061383439 +3665623938636533320a353033313361346566336439653961303066626161666237656436303537 +37663439363331363764643331373361326430323965306239366532353563636566356330643731 +32343262393763666632323139346266353235313635636632316361613936393665393832336437 +66616431353763313834646330396265326235343834313034633838376132303337383931313930 +38376331613634376662633262643164393863663335363663353963373935656261323866383236 +35396231333338633934323065393633623835386230343035343136376631373032653034373665 +30386132306531646437373632613537336630656363383533633134396536313364653066373863 +38323237356533643661326139316338656636393133303239346238343032646239303138386639 +62646233386133653462636537353139643838653261323734613665393564386464353565373036 +38326462316664326264303939653861376161356433326439346437376431313237 diff --git a/dan/group_vars/elevate_festival.yml b/dan/group_vars/elevate_festival.yml deleted file mode 100644 index 15ceffe4..00000000 --- a/dan/group_vars/elevate_festival.yml +++ /dev/null @@ -1,14 +0,0 @@ -$ANSIBLE_VAULT;1.2;AES256;dan -61316632366662306165383263396166313836653634303662633263386565383963313834333564 -3430306339623039323531356461306531343430653632340a666532356466303130663232363465 -37313431343730313731643735393035623232346638363065386533646539323233653061383439 -3665623938636533320a353033313361346566336439653961303066626161666237656436303537 -37663439363331363764643331373361326430323965306239366532353563636566356330643731 -32343262393763666632323139346266353235313635636632316361613936393665393832336437 -66616431353763313834646330396265326235343834313034633838376132303337383931313930 -38376331613634376662633262643164393863663335363663353963373935656261323866383236 -35396231333338633934323065393633623835386230343035343136376631373032653034373665 -30386132306531646437373632613537336630656363383533633134396536313364653066373863 -38323237356533643661326139316338656636393133303239346238343032646239303138386639 -62646233386133653462636537353139643838653261323734613665393564386464353565373036 -38326462316664326264303939653861376161356433326439346437376431313237 diff --git a/inventory/group_vars/dolmetsch-ctl/main.yml b/inventory/group_vars/dolmetsch-ctl/main.yml new file mode 100644 index 00000000..d1ffc8ae --- /dev/null +++ b/inventory/group_vars/dolmetsch-ctl/main.yml @@ -0,0 +1,150 @@ +--- +openwrt_variant: lede +openwrt_release: 17.01.6 +openwrt_arch: ar71xx +openwrt_target: generic +openwrt_profile: tl-wr710n-v2 +openwrt_output_image_suffixes: + - "generic-{{ openwrt_profile }}-squashfs-sysupgrade.bin" + +openwrt_packages_remove: + - kmod-gpio-button-hotplug + - kmod-ath9k + - wpad-mini + - ppp + - ppp-mod-pppoe + - dnsmasq + - firewall + - odhcpd + - odhcpd-ipv6only +openwrt_packages_add: + - haveged + - htop + - ip + - less + - nano + - tcpdump-mini + - kmod-usb-audio + - alsa-lib + - alsa-utils + - alsa-utils-seq + + +openwrt_mixin: + /etc/sysctl.conf: + content: | + # Defaults are configured in /etc/sysctl.d/* and can be customized in this file + # + # disable IP forwarding, we don't need it since we are no router + net.ipv4.conf.default.forwarding=0 + net.ipv4.conf.all.forwarding=0 + net.ipv4.ip_forward=0 + net.ipv6.conf.default.forwarding=0 + net.ipv6.conf.all.forwarding=0 + + /etc/dropbear/authorized_keys: + content: "{{ ssh_keys_root | join('\n') }}\n" + + /etc/htoprc: + file: "{{ global_files_dir }}/common/htoprc" + + /etc/rc.d/S22network-fw: + link: "../init.d/network-fw" + + /etc/rc.d/K91network-fw: + link: "../init.d/network-fw" + + /etc/init.d/network-fw: + mode: "0755" + content: | + #!/bin/sh /etc/rc.common + + START=22 + STOP=91 + + start() { + MGMT_IF=$(uci get network.mgmt.ifname) + MGMT_IPADDR=$(uci get network.mgmt.ipaddr) + MGMT_NETMASK=$(uci get network.mgmt.netmask) + MIXER_IF=br-mixer + MIXER_IPADDR=$(uci get network.mixer.ipaddr) + MIXER_NETMASK=$(uci get network.mixer.netmask) + + + iptables -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT + iptables -A INPUT -i "$MGMT_IF" -d "$MGMT_IPADDR" -s "$MGMT_IPADDR/$MGMT_NETMASK" -j ACCEPT + + iptables -A INPUT -i "$MIXER_IF" -p tcp --dport 22000 -d "$MIXER_IPADDR" -j REJECT --reject-with tcp-reset + iptables -A INPUT -i "$MIXER_IF" -p icmp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT + iptables -A INPUT -i "$MIXER_IF" -p udp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT + iptables -A INPUT -i "$MIXER_IF" -p tcp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT + iptables -A INPUT -i "$MIXER_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT + + iptables -P INPUT DROP + iptables -P FORWARD DROP + } + + stop() { + iptables -P INPUT ACCEPT + iptables -F INPUT + iptables -P FORWARD ACCEPT + } + + +openwrt_uci: + system: + - name: system + options: + hostname: '{{ inventory_hostname }}' + timezone: 'CET-1CEST,M3.5.0,M10.5.0/3' + ttylogin: '0' + log_size: '64' + urandom_seed: '0' + + - name: timeserver 'ntp' + options: + enabled: '1' + enable_server: '0' + server: + - '0.lede.pool.ntp.org' + - '1.lede.pool.ntp.org' + - '2.lede.pool.ntp.org' + - '3.lede.pool.ntp.org' + + dropbear: + - name: dropbear + options: + PasswordAuth: 'off' + RootPasswordAuth: 'off' + Port: '22000' + + network: + - name: globals 'globals' + options: + ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48" + + - name: interface 'loopback' + options: + ifname: lo + proto: static + ipaddr: 127.0.0.1 + netmask: 255.0.0.0 + + - name: interface 'mgmt' + options: + ifname: "eth0.{{ network_mgmt_zone.vlan }}" + accept_ra: 0 + proto: static + ipaddr: "{{ network_mgmt_zone.prefix | ipaddr(network_mgmt_zone.offsets[inventory_hostname]) | ipaddr('address') }}" + netmask: "{{ network_mgmt_zone.prefix | ipaddr('netmask') }}" + + - name: interface 'mixer' + options: + type: bridge + ifname: "eth0.{{ network_mixer_zone.vlan }} eth1" + accept_ra: 0 + proto: static + ipaddr: "{{ network_mixer_zone.prefix | ipaddr(network_mixer_zone.offsets[inventory_hostname]) | ipaddr('address') }}" + netmask: "{{ network_mixer_zone.prefix | ipaddr('netmask') }}" + gateway: "{{ network_mixer_zone.gw }}" + dns: "{{ network_mixer_zone.dns }}" diff --git a/inventory/group_vars/dolmetsch_ctl/main.yml b/inventory/group_vars/dolmetsch_ctl/main.yml deleted file mode 100644 index d1ffc8ae..00000000 --- a/inventory/group_vars/dolmetsch_ctl/main.yml +++ /dev/null @@ -1,150 +0,0 @@ ---- -openwrt_variant: lede -openwrt_release: 17.01.6 -openwrt_arch: ar71xx -openwrt_target: generic -openwrt_profile: tl-wr710n-v2 -openwrt_output_image_suffixes: - - "generic-{{ openwrt_profile }}-squashfs-sysupgrade.bin" - -openwrt_packages_remove: - - kmod-gpio-button-hotplug - - kmod-ath9k - - wpad-mini - - ppp - - ppp-mod-pppoe - - dnsmasq - - firewall - - odhcpd - - odhcpd-ipv6only -openwrt_packages_add: - - haveged - - htop - - ip - - less - - nano - - tcpdump-mini - - kmod-usb-audio - - alsa-lib - - alsa-utils - - alsa-utils-seq - - -openwrt_mixin: - /etc/sysctl.conf: - content: | - # Defaults are configured in /etc/sysctl.d/* and can be customized in this file - # - # disable IP forwarding, we don't need it since we are no router - net.ipv4.conf.default.forwarding=0 - net.ipv4.conf.all.forwarding=0 - net.ipv4.ip_forward=0 - net.ipv6.conf.default.forwarding=0 - net.ipv6.conf.all.forwarding=0 - - /etc/dropbear/authorized_keys: - content: "{{ ssh_keys_root | join('\n') }}\n" - - /etc/htoprc: - file: "{{ global_files_dir }}/common/htoprc" - - /etc/rc.d/S22network-fw: - link: "../init.d/network-fw" - - /etc/rc.d/K91network-fw: - link: "../init.d/network-fw" - - /etc/init.d/network-fw: - mode: "0755" - content: | - #!/bin/sh /etc/rc.common - - START=22 - STOP=91 - - start() { - MGMT_IF=$(uci get network.mgmt.ifname) - MGMT_IPADDR=$(uci get network.mgmt.ipaddr) - MGMT_NETMASK=$(uci get network.mgmt.netmask) - MIXER_IF=br-mixer - MIXER_IPADDR=$(uci get network.mixer.ipaddr) - MIXER_NETMASK=$(uci get network.mixer.netmask) - - - iptables -A INPUT -i lo -d 127.0.0.0/8 -s 127.0.0.0/8 -j ACCEPT - iptables -A INPUT -i "$MGMT_IF" -d "$MGMT_IPADDR" -s "$MGMT_IPADDR/$MGMT_NETMASK" -j ACCEPT - - iptables -A INPUT -i "$MIXER_IF" -p tcp --dport 22000 -d "$MIXER_IPADDR" -j REJECT --reject-with tcp-reset - iptables -A INPUT -i "$MIXER_IF" -p icmp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT - iptables -A INPUT -i "$MIXER_IF" -p udp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT - iptables -A INPUT -i "$MIXER_IF" -p tcp -d "$MIXER_IPADDR" -s "$MIXER_IPADDR/$MIXER_NETMASK" -j ACCEPT - iptables -A INPUT -i "$MIXER_IF" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - iptables -P INPUT DROP - iptables -P FORWARD DROP - } - - stop() { - iptables -P INPUT ACCEPT - iptables -F INPUT - iptables -P FORWARD ACCEPT - } - - -openwrt_uci: - system: - - name: system - options: - hostname: '{{ inventory_hostname }}' - timezone: 'CET-1CEST,M3.5.0,M10.5.0/3' - ttylogin: '0' - log_size: '64' - urandom_seed: '0' - - - name: timeserver 'ntp' - options: - enabled: '1' - enable_server: '0' - server: - - '0.lede.pool.ntp.org' - - '1.lede.pool.ntp.org' - - '2.lede.pool.ntp.org' - - '3.lede.pool.ntp.org' - - dropbear: - - name: dropbear - options: - PasswordAuth: 'off' - RootPasswordAuth: 'off' - Port: '22000' - - network: - - name: globals 'globals' - options: - ula_prefix: "fc{{ '%02x:%04x:%04x' | format((255 | random(seed=inventory_hostname + '0')), (65535 | random(seed=inventory_hostname + '1')), (65535 | random(seed=inventory_hostname + '2'))) }}::/48" - - - name: interface 'loopback' - options: - ifname: lo - proto: static - ipaddr: 127.0.0.1 - netmask: 255.0.0.0 - - - name: interface 'mgmt' - options: - ifname: "eth0.{{ network_mgmt_zone.vlan }}" - accept_ra: 0 - proto: static - ipaddr: "{{ network_mgmt_zone.prefix | ipaddr(network_mgmt_zone.offsets[inventory_hostname]) | ipaddr('address') }}" - netmask: "{{ network_mgmt_zone.prefix | ipaddr('netmask') }}" - - - name: interface 'mixer' - options: - type: bridge - ifname: "eth0.{{ network_mixer_zone.vlan }} eth1" - accept_ra: 0 - proto: static - ipaddr: "{{ network_mixer_zone.prefix | ipaddr(network_mixer_zone.offsets[inventory_hostname]) | ipaddr('address') }}" - netmask: "{{ network_mixer_zone.prefix | ipaddr('netmask') }}" - gateway: "{{ network_mixer_zone.gw }}" - dns: "{{ network_mixer_zone.dns }}" diff --git a/inventory/group_vars/ele-ap/main.yml b/inventory/group_vars/ele-ap/main.yml new file mode 100644 index 00000000..e74539e3 --- /dev/null +++ b/inventory/group_vars/ele-ap/main.yml @@ -0,0 +1,58 @@ +--- +network_mgmt_zone: "{{ network_zones.mgmt }}" + +accesspoint_wifi_channels: + 2g4: + ele-ap-forum0: 5 + ele-ap-forum1: 13 + ele-ap-forum2: 9 + ele-ap-forum3: 1 + ele-ap-dom0: 6 + ele-ap-kunsthaus0: 8 + ele-ap-orpheum0: 8 + 5g: + ele-ap-forum0: 40 + ele-ap-forum1: 48 + ele-ap-forum2: 44 + ele-ap-forum3: 36 + ele-ap-dom0: 40 + ele-ap-kunsthaus0: 36 + ele-ap-orpheum0: 48 + +accesspoint_zones: + lan: "{{ network_zones.lan.wifi }}" + guest: "{{ network_zones.guest.wifi }}" + infoscreens: "{{ network_zones.infoscreens.wifi }}" + + +accesspoint_network_zones: "{{ accesspoint_network_zones_yaml | from_yaml }}" +accesspoint_network_zones_yaml: | + {% for zone_name in accesspoint_zones.keys() %} + - name: "interface '{{ zone_name }}'" + options: + type: bridge + ifname: "{{ accesspoint_wired_interface }}.{{ network_zones[zone_name].vlan }}" + accept_ra: 0 + proto: none + {% endfor %} + + +## TODO: set up 802.11r see: +## * https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/ +## * https://gist.github.com/lg/998d3e908d547bd9972a6bb604df377b +accesspoint_wireless_ifaces: "{{ accesspoint_wireless_ifaces_yaml | from_yaml }}" +accesspoint_wireless_ifaces_yaml: | + {% for zone in accesspoint_zones.keys() %} + {% for freq in accesspoint_wireless_frequencies %} + - name: wifi-iface '{{ zone }}{{ freq }}' + options: + device: 'radio{{ freq }}' + network: '{{ zone }}' + mode: 'ap' + disassoc_low_ack: '1' + rsn_preauth: '1' + ssid: '{{ accesspoint_zones[zone].ssid }}' + encryption: '{{ accesspoint_zones[zone].encryption }}' + key: '{{ accesspoint_zones[zone].key }}' + {% endfor %} + {% endfor %} diff --git a/inventory/group_vars/ele-dolmetsch-ctl/main.yml b/inventory/group_vars/ele-dolmetsch-ctl/main.yml new file mode 100644 index 00000000..a69d45ee --- /dev/null +++ b/inventory/group_vars/ele-dolmetsch-ctl/main.yml @@ -0,0 +1,3 @@ +--- +network_mgmt_zone: "{{ network_zones.mgmt }}" +network_mixer_zone: "{{ network_zones.mixer }}" diff --git a/inventory/group_vars/ele-infobeamer/main.yml b/inventory/group_vars/ele-infobeamer/main.yml new file mode 100644 index 00000000..4e513286 --- /dev/null +++ b/inventory/group_vars/ele-infobeamer/main.yml @@ -0,0 +1,12 @@ +--- +info_beamer_tvservice: "{{ info_beamer_tvservices['1080p50'] }}" +info_beamer_audio_target: "hdmi" +info_beamer_ssh_keys: "{{ ssh_keys_root }}" + +info_beamer_wireless: "{{ network_zones.infoscreens.wifi }}" +info_beamer_prefer_wired: true + +info_beamer_branding_logo: "{{ global_files_dir }}/dan/elevate/info-beamer/branding.ppm" +info_beamer_branding_background: "{{ global_files_dir }}/dan/elevate/info-beamer/e19-branding.jpg" + +info_beamer_device_connect_key: "{{ vault_info_beamer_device_connect_key }}" diff --git a/inventory/group_vars/ele_ap/main.yml b/inventory/group_vars/ele_ap/main.yml deleted file mode 100644 index e74539e3..00000000 --- a/inventory/group_vars/ele_ap/main.yml +++ /dev/null @@ -1,58 +0,0 @@ ---- -network_mgmt_zone: "{{ network_zones.mgmt }}" - -accesspoint_wifi_channels: - 2g4: - ele-ap-forum0: 5 - ele-ap-forum1: 13 - ele-ap-forum2: 9 - ele-ap-forum3: 1 - ele-ap-dom0: 6 - ele-ap-kunsthaus0: 8 - ele-ap-orpheum0: 8 - 5g: - ele-ap-forum0: 40 - ele-ap-forum1: 48 - ele-ap-forum2: 44 - ele-ap-forum3: 36 - ele-ap-dom0: 40 - ele-ap-kunsthaus0: 36 - ele-ap-orpheum0: 48 - -accesspoint_zones: - lan: "{{ network_zones.lan.wifi }}" - guest: "{{ network_zones.guest.wifi }}" - infoscreens: "{{ network_zones.infoscreens.wifi }}" - - -accesspoint_network_zones: "{{ accesspoint_network_zones_yaml | from_yaml }}" -accesspoint_network_zones_yaml: | - {% for zone_name in accesspoint_zones.keys() %} - - name: "interface '{{ zone_name }}'" - options: - type: bridge - ifname: "{{ accesspoint_wired_interface }}.{{ network_zones[zone_name].vlan }}" - accept_ra: 0 - proto: none - {% endfor %} - - -## TODO: set up 802.11r see: -## * https://www.reddit.com/r/openwrt/comments/515oea/finally_got_80211r_roaming_working/ -## * https://gist.github.com/lg/998d3e908d547bd9972a6bb604df377b -accesspoint_wireless_ifaces: "{{ accesspoint_wireless_ifaces_yaml | from_yaml }}" -accesspoint_wireless_ifaces_yaml: | - {% for zone in accesspoint_zones.keys() %} - {% for freq in accesspoint_wireless_frequencies %} - - name: wifi-iface '{{ zone }}{{ freq }}' - options: - device: 'radio{{ freq }}' - network: '{{ zone }}' - mode: 'ap' - disassoc_low_ack: '1' - rsn_preauth: '1' - ssid: '{{ accesspoint_zones[zone].ssid }}' - encryption: '{{ accesspoint_zones[zone].encryption }}' - key: '{{ accesspoint_zones[zone].key }}' - {% endfor %} - {% endfor %} diff --git a/inventory/group_vars/ele_dolmetsch_ctl/main.yml b/inventory/group_vars/ele_dolmetsch_ctl/main.yml deleted file mode 100644 index a69d45ee..00000000 --- a/inventory/group_vars/ele_dolmetsch_ctl/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -network_mgmt_zone: "{{ network_zones.mgmt }}" -network_mixer_zone: "{{ network_zones.mixer }}" diff --git a/inventory/group_vars/ele_infobeamer/main.yml b/inventory/group_vars/ele_infobeamer/main.yml deleted file mode 100644 index 4e513286..00000000 --- a/inventory/group_vars/ele_infobeamer/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -info_beamer_tvservice: "{{ info_beamer_tvservices['1080p50'] }}" -info_beamer_audio_target: "hdmi" -info_beamer_ssh_keys: "{{ ssh_keys_root }}" - -info_beamer_wireless: "{{ network_zones.infoscreens.wifi }}" -info_beamer_prefer_wired: true - -info_beamer_branding_logo: "{{ global_files_dir }}/dan/elevate/info-beamer/branding.ppm" -info_beamer_branding_background: "{{ global_files_dir }}/dan/elevate/info-beamer/e19-branding.jpg" - -info_beamer_device_connect_key: "{{ vault_info_beamer_device_connect_key }}" diff --git a/inventory/group_vars/elevate-festival/main.yml b/inventory/group_vars/elevate-festival/main.yml new file mode 100644 index 00000000..5a513cfe --- /dev/null +++ b/inventory/group_vars/elevate-festival/main.yml @@ -0,0 +1,130 @@ +--- +network_zones: + lan: + vlan: 18 + prefix: 192.168.18.0/24 + gw: 192.168.18.254 + dns: + - 192.168.18.254 + dhcp: + start: 1 + limit: 199 + offsets: + ele-media: 200 + ele-telesto: 201 + ele-thetys: 202 + ## liquid truth + ele-lt-forum: 210 + ele-lt-uhrturm: 211 + ele-uhrturm: 212 + ele-liquidtruth: 213 + ele-uhrturm-switch: 214 + ele-uhrturm-ap: 215 + datacop: 249 + equinox-t450s: 250 + ele-laptop: 251 + wifi: + ssid: "elevate Staff" + encryption: "psk2" + key: "{{ vault_wifi_keys.lan }}" + + guest: + vlan: 23 + prefix: 192.168.23.0/24 + gw: 192.168.23.254 + dns: + - 192.168.23.254 + dhcp: + start: 1 + limit: 250 + leasetime: 2h + wifi: + ssid: "elevate Public" + encryption: "psk2" + key: "{{ vault_wifi_keys.guest }}" + + mgmt: + vlan: 42 + prefix: 192.168.42.0/24 + offsets: + ele-sw-spreadencoder: 1 + ele-sw-spreadmixer: 2 + ele-sw-forum0: 10 + ele-sw-forum1: 11 + ele-sw-dom0: 20 + ele-sw-kunsthaus0: 30 + ele-sw-orpheum0: 40 + dione: 100 ## ipmi + helene: 101 ## ipmi + ele-ap-forum0: 110 + ele-ap-forum1: 111 + ele-ap-forum2: 112 + ele-ap-forum3: 113 + ele-ap-dom0: 120 + ele-ap-kunsthaus0: 130 + ele-ap-orpheum0: 140 + ele-dol-mixer: 200 + ele-dol-translator: 201 + datacop: 249 + equinox-t450s: 250 + ele-router: 254 + + mixer: + vlan: 48 + prefix: 192.168.48.0/24 + offsets: + kuschelbaer: 48 + atem-datacop: 90 + hyperdeck-datacop: 91 + atemctrl-datacop: 92 + atemwinvm-datacop: 93 + ele-dol-mixer: 100 + ele-dol-translator: 101 + ele-dol-raspi0: 102 + ele-dol-raspi1: 103 + atem: 208 + x32core: 216 + datacop: 249 + equinox-t450s: 250 + gw: 192.168.48.254 + dns: + - 192.168.48.254 + + infoscreens: + vlan: 73 + prefix: 192.168.73.0/24 + gw: 192.168.73.254 + dns: + - 192.168.73.254 + dhcp: + start: 100 + limit: 199 + wifi: + ssid: "elevate Infoscreens" + encryption: "psk2" + key: "{{ vault_wifi_keys.infoscreens }}" + + ccinet: + vlan: 128 + prefix: 85.237.2.96/28 + gw: 85.237.2.97 + dns: + - 217.29.144.65 + - 217.29.144.66 + offsets: + ## citycom uses offset 1,2 and 3 + ele-router: 4 # 85.237.2.100 + ele-media: 5 # 85.237.2.101 + + ccemc: + vlan: 129 + prefix: 85.237.28.192/28 + gw: 85.237.28.193 + dns: + - 217.29.144.65 + - 217.29.144.66 + offsets: + ## citycom uses offset 1,2 and 3 + helene: 4 # 85.237.28.196 + dione: 5 # 85.237.28.197 + ele-laptop: 7 # 85.237.28.199 diff --git a/inventory/group_vars/elevate_festival/main.yml b/inventory/group_vars/elevate_festival/main.yml deleted file mode 100644 index 5a513cfe..00000000 --- a/inventory/group_vars/elevate_festival/main.yml +++ /dev/null @@ -1,130 +0,0 @@ ---- -network_zones: - lan: - vlan: 18 - prefix: 192.168.18.0/24 - gw: 192.168.18.254 - dns: - - 192.168.18.254 - dhcp: - start: 1 - limit: 199 - offsets: - ele-media: 200 - ele-telesto: 201 - ele-thetys: 202 - ## liquid truth - ele-lt-forum: 210 - ele-lt-uhrturm: 211 - ele-uhrturm: 212 - ele-liquidtruth: 213 - ele-uhrturm-switch: 214 - ele-uhrturm-ap: 215 - datacop: 249 - equinox-t450s: 250 - ele-laptop: 251 - wifi: - ssid: "elevate Staff" - encryption: "psk2" - key: "{{ vault_wifi_keys.lan }}" - - guest: - vlan: 23 - prefix: 192.168.23.0/24 - gw: 192.168.23.254 - dns: - - 192.168.23.254 - dhcp: - start: 1 - limit: 250 - leasetime: 2h - wifi: - ssid: "elevate Public" - encryption: "psk2" - key: "{{ vault_wifi_keys.guest }}" - - mgmt: - vlan: 42 - prefix: 192.168.42.0/24 - offsets: - ele-sw-spreadencoder: 1 - ele-sw-spreadmixer: 2 - ele-sw-forum0: 10 - ele-sw-forum1: 11 - ele-sw-dom0: 20 - ele-sw-kunsthaus0: 30 - ele-sw-orpheum0: 40 - dione: 100 ## ipmi - helene: 101 ## ipmi - ele-ap-forum0: 110 - ele-ap-forum1: 111 - ele-ap-forum2: 112 - ele-ap-forum3: 113 - ele-ap-dom0: 120 - ele-ap-kunsthaus0: 130 - ele-ap-orpheum0: 140 - ele-dol-mixer: 200 - ele-dol-translator: 201 - datacop: 249 - equinox-t450s: 250 - ele-router: 254 - - mixer: - vlan: 48 - prefix: 192.168.48.0/24 - offsets: - kuschelbaer: 48 - atem-datacop: 90 - hyperdeck-datacop: 91 - atemctrl-datacop: 92 - atemwinvm-datacop: 93 - ele-dol-mixer: 100 - ele-dol-translator: 101 - ele-dol-raspi0: 102 - ele-dol-raspi1: 103 - atem: 208 - x32core: 216 - datacop: 249 - equinox-t450s: 250 - gw: 192.168.48.254 - dns: - - 192.168.48.254 - - infoscreens: - vlan: 73 - prefix: 192.168.73.0/24 - gw: 192.168.73.254 - dns: - - 192.168.73.254 - dhcp: - start: 100 - limit: 199 - wifi: - ssid: "elevate Infoscreens" - encryption: "psk2" - key: "{{ vault_wifi_keys.infoscreens }}" - - ccinet: - vlan: 128 - prefix: 85.237.2.96/28 - gw: 85.237.2.97 - dns: - - 217.29.144.65 - - 217.29.144.66 - offsets: - ## citycom uses offset 1,2 and 3 - ele-router: 4 # 85.237.2.100 - ele-media: 5 # 85.237.2.101 - - ccemc: - vlan: 129 - prefix: 85.237.28.192/28 - gw: 85.237.28.193 - dns: - - 217.29.144.65 - - 217.29.144.66 - offsets: - ## citycom uses offset 1,2 and 3 - helene: 4 # 85.237.28.196 - dione: 5 # 85.237.28.197 - ele-laptop: 7 # 85.237.28.199 diff --git a/inventory/group_vars/emc-xx/main.yml b/inventory/group_vars/emc-xx/main.yml new file mode 100644 index 00000000..e4fc5e0d --- /dev/null +++ b/inventory/group_vars/emc-xx/main.yml @@ -0,0 +1,2 @@ +--- +acmetool_directory_server: "{{ acmetool_directory_server_le_live }}" diff --git a/inventory/group_vars/emc_xx/main.yml b/inventory/group_vars/emc_xx/main.yml deleted file mode 100644 index e4fc5e0d..00000000 --- a/inventory/group_vars/emc_xx/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -acmetool_directory_server: "{{ acmetool_directory_server_le_live }}" diff --git a/inventory/group_vars/k8s-emc/main.yml b/inventory/group_vars/k8s-emc/main.yml new file mode 100644 index 00000000..18c28177 --- /dev/null +++ b/inventory/group_vars/k8s-emc/main.yml @@ -0,0 +1,46 @@ +--- +docker_pkg_provider: docker-com +docker_pkg_name: docker-ce +docker_pkg_version: 18.06.1~ce~3-0~debian + +kubernetes_version: 1.13.2 + +kubernetes: + cluster_name: emc + + version: "{{ kubernetes_version }}" + pkg_version: "{{ kubernetes_version }}-00" + + dedicated_master: True + api_advertise_ip: 144.76.160.141 + api_extra_sans: + - emc-master.spreadspace.org + + pod_ip_range: 172.18.0.0/16 + pod_ip_range_size: 24 + service_ip_range: 172.18.192.0/18 + ## net_index must be in the range between 1 and 190 -> 189 hosts possible + ## + ## hardcoded hostnames are not nice but if we do this via host_vars + ## the info is spread over multiple files and this makes it more diffcult + ## to find mistakes, so it is nicer to keep it in one place... + net_index: + emc-01: 1 + emc-02: 2 + emc-03: 3 + emc-04: 4 + emc-05: 5 + emc-06: 6 + emc-00: 100 + emc-dist0: 110 + dione: 111 + helene: 112 + emc-stats: 120 + emc-master: 127 + + direct_net_zones: + encoder: + transfer_net: 172.18.191.0/24 + node_interface: + dione: eno2 + helene: eno2 diff --git a/inventory/group_vars/k8s-test/main.yml b/inventory/group_vars/k8s-test/main.yml new file mode 100644 index 00000000..7e5cbe2e --- /dev/null +++ b/inventory/group_vars/k8s-test/main.yml @@ -0,0 +1,2 @@ +--- +zsh_banner: chaos-at-home diff --git a/inventory/group_vars/k8s_emc/main.yml b/inventory/group_vars/k8s_emc/main.yml deleted file mode 100644 index 18c28177..00000000 --- a/inventory/group_vars/k8s_emc/main.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -docker_pkg_provider: docker-com -docker_pkg_name: docker-ce -docker_pkg_version: 18.06.1~ce~3-0~debian - -kubernetes_version: 1.13.2 - -kubernetes: - cluster_name: emc - - version: "{{ kubernetes_version }}" - pkg_version: "{{ kubernetes_version }}-00" - - dedicated_master: True - api_advertise_ip: 144.76.160.141 - api_extra_sans: - - emc-master.spreadspace.org - - pod_ip_range: 172.18.0.0/16 - pod_ip_range_size: 24 - service_ip_range: 172.18.192.0/18 - ## net_index must be in the range between 1 and 190 -> 189 hosts possible - ## - ## hardcoded hostnames are not nice but if we do this via host_vars - ## the info is spread over multiple files and this makes it more diffcult - ## to find mistakes, so it is nicer to keep it in one place... - net_index: - emc-01: 1 - emc-02: 2 - emc-03: 3 - emc-04: 4 - emc-05: 5 - emc-06: 6 - emc-00: 100 - emc-dist0: 110 - dione: 111 - helene: 112 - emc-stats: 120 - emc-master: 127 - - direct_net_zones: - encoder: - transfer_net: 172.18.191.0/24 - node_interface: - dione: eno2 - helene: eno2 diff --git a/inventory/group_vars/k8s_test/main.yml b/inventory/group_vars/k8s_test/main.yml deleted file mode 100644 index 7e5cbe2e..00000000 --- a/inventory/group_vars/k8s_test/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -zsh_banner: chaos-at-home diff --git a/inventory/hosts.ini b/inventory/hosts.ini index bf2c0fb3..8681ba99 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -96,13 +96,13 @@ emc-stats emc-master [emc:children] -emc_dist -emc_xx +emc-dist +emc-xx -[emc_dist] +[emc-dist] #emc-dist0 -[emc_xx] +[emc-xx] #emc-0[0:6] emc-00 @@ -121,21 +121,21 @@ sk2016 host_name=2016 ansible_port=22000 sk-cloudia host_name=cloudia -[ele_ap] +[ele-ap] ele-ap-forum[0:3] #ele-ap-dom0 ele-ap-kunsthaus0 ele-ap-orpheum0 -[ele_dolmetsch_ctl] +[ele-dolmetsch-ctl] ele-dol-mixer ele-dol-translator -[ele_dolmetsch_raspi] +[ele-dolmetsch-raspi] ele-dol-raspi0 ele-dol-raspi1 -[ele_infobeamer] +[ele-infobeamer] ele-infobeamer-emc ele-infobeamer-orpheum ele-infobeamer-default @@ -153,10 +153,10 @@ ele-uhrturm host_name=uhrturm ele-lt host_name=liquidtruth ansible_port=222 [elevate:children] -ele_ap -ele_dolmetsch_ctl -ele_dolmetsch_raspi -ele_infobeamer +ele-ap +ele-dolmetsch-ctl +ele-dolmetsch-raspi +ele-infobeamer ############################### @@ -205,57 +205,57 @@ emc-stats emc-master [hetzner:children] -emc_xx +emc-xx hroot hcloud -[scaleway_kernel] +[scaleway-kernel] [scaleway] [scaleway:children] -scaleway_kernel +scaleway-kernel [accesspoints:children] -ele_ap +ele-ap chaos-at-home-ap -[dolmetsch_ctl:children] -ele_dolmetsch_ctl +[dolmetsch-ctl:children] +ele-dolmetsch-ctl -[dolmetsch_raspi:children] -ele_dolmetsch_raspi +[dolmetsch-raspi:children] +ele-dolmetsch-raspi ### kubernetes cluster: emc -[k8s_emc_encoder] +[k8s-emc-encoder] #dione #helene -[k8s_emc_distribution:children] -emc_dist +[k8s-emc-distribution:children] +emc-dist -[k8s_emc_streamer:children] -emc_xx +[k8s-emc-streamer:children] +emc-xx -[k8s_emc_master] +[k8s-emc-master] emc-master -[k8s_emc_stats] +[k8s-emc-stats] emc-stats -[k8s_emc:children] -k8s_emc_master -k8s_emc_encoder -k8s_emc_distribution -k8s_emc_streamer -k8s_emc_stats +[k8s-emc:children] +k8s-emc-master +k8s-emc-encoder +k8s-emc-distribution +k8s-emc-streamer +k8s-emc-stats ### Elevate Festival -[elevate_festival:children] +[elevate-festival:children] elevate -k8s_emc +k8s-emc diff --git a/roles/prepare-dkms/tasks/main.yml b/roles/prepare-dkms/tasks/main.yml index 7f55ba6d..94f47c31 100644 --- a/roles/prepare-dkms/tasks/main.yml +++ b/roles/prepare-dkms/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: prepare dkms on scaleway boxes include_tasks: scaleway.yml - when: "'scaleway_kernel' in group_names" + when: "'scaleway-kernel' in group_names" - name: prepare dkms on for raspberry-pi include_tasks: raspberrypi.yml @@ -9,4 +9,4 @@ - name: prepare dkms on normal debian boxes include_tasks: default.yml - when: "'scaleway_kernel' not in group_names and ansible_lsb.id != 'Raspbian'" + when: "'scaleway-kernel' not in group_names and ansible_lsb.id != 'Raspbian'" diff --git a/spreadspace/acme-emc.yml b/spreadspace/acme-emc.yml index d0210e1d..41fff42b 100644 --- a/spreadspace/acme-emc.yml +++ b/spreadspace/acme-emc.yml @@ -1,6 +1,6 @@ --- - name: create certificates for host - hosts: emc_xx:helene + hosts: emc-xx:helene vars: acmetool_directory_server: "{{ acmetool_directory_server_le_live }}" roles: diff --git a/spreadspace/emc-dist.yml b/spreadspace/emc-dist.yml index fce5f7e2..d9796969 100644 --- a/spreadspace/emc-dist.yml +++ b/spreadspace/emc-dist.yml @@ -1,6 +1,6 @@ --- - name: Basic Setup - hosts: emc_dist + hosts: emc-dist roles: - role: slim/hetzner - role: base diff --git a/spreadspace/emc-xx.yml b/spreadspace/emc-xx.yml index 4627107e..c73ffd0c 100644 --- a/spreadspace/emc-xx.yml +++ b/spreadspace/emc-xx.yml @@ -1,6 +1,6 @@ --- - name: Basic Setup - hosts: emc_xx:!emc-00 + hosts: emc-xx:!emc-00 roles: - role: slim/hetzner - role: base diff --git a/spreadspace/k8s-emc.yml b/spreadspace/k8s-emc.yml index a1b25631..600ab2a1 100644 --- a/spreadspace/k8s-emc.yml +++ b/spreadspace/k8s-emc.yml @@ -1,11 +1,11 @@ --- - name: setup cluster config - hosts: k8s_emc + hosts: k8s-emc gather_facts: no run_once: yes tasks: - name: create group for all kubernetes nodes - loop: "{{ groups['k8s_emc'] }}" + loop: "{{ groups['k8s-emc'] }}" add_host: name: "{{ item }}" inventory_dir: "{{ inventory_dir }}" @@ -13,7 +13,7 @@ changed_when: False - name: create group for kubernetes master nodes - loop: "{{ groups['k8s_emc_master'] }}" + loop: "{{ groups['k8s-emc-master'] }}" add_host: name: "{{ item }}" inventory_dir: "{{ inventory_dir }}" -- cgit v1.2.3