From 9d971a12b37f75fdaee22b8a6870091c45ea0a72 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Wed, 22 May 2024 22:01:22 +0200 Subject: ch-apt: base install --- chaos-at-home/ch-apt.yml | 9 +++++ .../chaos-at-home/bind-zones/db.chaos-at-home.org | 5 +-- inventory/group_vars/chaos-at-home/network.yml | 1 + inventory/host_vars/ch-apt.yml | 39 ++++++++++++++++++++++ inventory/hosts.ini | 2 ++ 5 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 chaos-at-home/ch-apt.yml create mode 100644 inventory/host_vars/ch-apt.yml diff --git a/chaos-at-home/ch-apt.yml b/chaos-at-home/ch-apt.yml new file mode 100644 index 00000000..3c38bb64 --- /dev/null +++ b/chaos-at-home/ch-apt.yml @@ -0,0 +1,9 @@ +--- +- name: Basic Setup + hosts: ch-apt + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp diff --git a/files/chaos-at-home/bind-zones/db.chaos-at-home.org b/files/chaos-at-home/bind-zones/db.chaos-at-home.org index c091743f..34a11cad 100644 --- a/files/chaos-at-home/bind-zones/db.chaos-at-home.org +++ b/files/chaos-at-home/bind-zones/db.chaos-at-home.org @@ -2,7 +2,7 @@ $origin chaos-at-home.org. $TTL 1h @ SOA ns0 hostmaster ( - 2024013100 + 2024052200 1h 15m 30d @@ -75,9 +75,10 @@ webmail CNAME web caldav CNAME web ; TODO: internal service should only be resolvable from within chaos-at-home network +ldap A 192.168.32.1 +apt A 192.168.32.7 mon A 192.168.32.230 greenbone A 192.168.32.231 -ldap A 192.168.32.1 ; old: clean this up as soon as everything is moved to caldav webdav CNAME web diff --git a/inventory/group_vars/chaos-at-home/network.yml b/inventory/group_vars/chaos-at-home/network.yml index 1108ebb1..8984a5a2 100644 --- a/inventory/group_vars/chaos-at-home/network.yml +++ b/inventory/group_vars/chaos-at-home/network.yml @@ -83,6 +83,7 @@ network_zones: - 195.58.161.122 offsets: ch-apps: 1 + ch-apt: 7 ch-http-proxy: 8 ch-imap-proxy: 9 ch-vpn: 10 
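Review bot: The new `apt A 192.168.32.7` record in the second hunk of files/chaos-at-home/bind-zones/db.chaos-at-home.org adds one more internal address directly under the existing TODO, which says internal services should only be resolvable from within the chaos-at-home network. Whether this zone is also served to outside resolvers is not visible from the hunk; if it is, each record in this block tells any querier which RFC 1918 address hosts which service, and the package repository is now on that list. Until these records move to an internal-only view or zone, I would mark the line so it is picked up in that cleanup, e.g. `apt A 192.168.32.7 ; internal only, move together with ldap/mon/greenbone`.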
diff --git a/inventory/host_vars/ch-apt.yml b/inventory/host_vars/ch-apt.yml new file mode 100644 index 00000000..c6260c54 --- /dev/null +++ b/inventory/host_vars/ch-apt.yml @@ -0,0 +1,39 @@ +--- +install_jumphost: ch-jump + +install: + vm: + memory: 2G + numcpus: 2 + autostart: True + disks: + primary: /dev/sda + scsi: + sda: + type: zfs + name: root + size: 10g + sdb: + type: zfs + name: data + size: 20g + properties: + 'syncoid:sync': 'false' + interfaces: + - bridge: br-svc + name: svc0 + +network: + nameservers: "{{ network_zones.svc.dns }}" + domain: "{{ host_domain }}" + systemd_link: + interfaces: "{{ install.interfaces }}" + primary: &_network_primary_ + name: svc0 + address: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets[inventory_hostname]) }}" + gateway: "{{ network_zones.svc.gateway }}" + static_routes: + - destination: "{{ network_zones.lan.prefix }}" + gateway: "{{ network_zones.svc.prefix | ansible.utils.ipaddr(network_zones.svc.offsets['ch-gw-lan']) | ansible.utils.ipaddr('address') }}" + interfaces: + - *_network_primary_ diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 4ab98ab6..b6cbaa4e 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -26,6 +26,7 @@ ch-equinox-t450s host_name=equinox-t450s ch-chromebook host_name=chromebook ch-prometheus host_name=prometheus ch-apps host_name=apps +ch-apt host_name=apt ch-http-proxy host_name=http-proxy ch-imap-proxy host_name=imap-proxy ch-prometheus-legacy host_name=prometheus @@ -378,6 +379,7 @@ vmhost-ch-phoebe-guests [vmhost-ch-prometheus-guests] ch-apps +ch-apt ch-http-proxy ch-imap-proxy ch-prometheus-legacy -- cgit v1.2.3
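Review bot: In inventory/host_vars/ch-apt.yml the `data` dataset on `sdb` is created with `'syncoid:sync': 'false'`, and nothing in the file says why it is left out of replication. On an apt repository host that dataset presumably holds the published packages and possibly the repository signing material (neither is visible here), so it would be worth stating whether losing it is acceptable. I would add a comment above `properties:` along the lines of `# not replicated by syncoid: <reason, e.g. where the contents can be rebuilt from>`, or drop the property if a replica is wanted. Separately, `autostart: True` reads better as `autostart: true`, the form yamllint's truthy rule expects.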