From b9fc07d1d12fb31fb9e86cc2cf3347672461d3b0 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Thu, 20 Jun 2019 05:34:53 +0200 Subject: chaos-at-home net-config --- chaos-at-home/group_vars/chaos_at_home.yml | 10 +++++ inventory/group_vars/chaos_at_home/network.yml | 43 ++++++++++++++++++++++ .../group_vars/chaos_at_home_switches/main.yml | 2 + inventory/group_vars/dellos6/main.yml | 4 ++ roles/dellos6/bootstrap/templates/init.j2 | 11 ++++-- 5 files changed, 67 insertions(+), 3 deletions(-) create mode 100644 chaos-at-home/group_vars/chaos_at_home.yml create mode 100644 inventory/group_vars/chaos_at_home/network.yml create mode 100644 inventory/group_vars/chaos_at_home_switches/main.yml diff --git a/chaos-at-home/group_vars/chaos_at_home.yml b/chaos-at-home/group_vars/chaos_at_home.yml new file mode 100644 index 00000000..8fe4c3f3 --- /dev/null +++ b/chaos-at-home/group_vars/chaos_at_home.yml @@ -0,0 +1,10 @@ +$ANSIBLE_VAULT;1.2;AES256;chaos-at-home +36333032363330643036663937323235396334386536396338353339323332323635356330343366 +3932643866616333653531666338333966343462653439360a623235333936393031613666626435 +66336531666331623031363565333230633134623231643038393737306333353535383564393664 +3932353863316462360a643738633861623564353438313463303464666338623332303562336363 +32653136633232383431623732613135363836346439363166663964323638393761666465313336 +38643962323661303931636433343131643566343530383231666165353236333038323265383337 +34383663376630336139363931633863326465366161343531633338383731393362633761666334 +31323830323766383137653438663363353133366331663831386664303530353637393362336665 +65656164373665356237386336343430333138336138353037636332313035326661 diff --git a/inventory/group_vars/chaos_at_home/network.yml b/inventory/group_vars/chaos_at_home/network.yml new file mode 100644 index 00000000..fd9124c3 --- /dev/null +++ b/inventory/group_vars/chaos_at_home/network.yml @@ -0,0 +1,43 @@ +--- +network_zones: + lan: + vlan: 28 + prefix: 192.168.28.0/24 + gw: 192.168.28.254 + dns: + - 192.168.28.254 + dhcp: + start: 1 + limit: 199 + wifi: + ssid: "chaos at home" + encryption: "psk2" + key: "{{ vault_wifi_keys.lan }}" + + iot: + vlan: 30 + prefix: 192.168.30.0/24 + dhcp: + start: 1 + limit: 199 + wifi: + ssid: "stuff at home" + encryption: "psk2" + key: "{{ vault_wifi_keys.iot }}" + + mgmt: + vlan: 42 + prefix: 192.168.42.0/24 + offsets: + ch-sw0: 200 + ch-sw1: 201 + ch-ap0: 220 + ch-ap1: 221 + + magenta: + vlan: 329 + prefix: 1.2.3.0/30 + gw: 1.2.3.1 + dns: + - 1.2.3.4 + - 1.2.3.5 diff --git a/inventory/group_vars/chaos_at_home_switches/main.yml b/inventory/group_vars/chaos_at_home_switches/main.yml new file mode 100644 index 00000000..fbd8f736 --- /dev/null +++ b/inventory/group_vars/chaos_at_home_switches/main.yml @@ -0,0 +1,2 @@ +--- +network_mgmt_zone: "{{ network_zones.mgmt }}" diff --git a/inventory/group_vars/dellos6/main.yml b/inventory/group_vars/dellos6/main.yml index f0adaa77..2b04345a 100644 --- a/inventory/group_vars/dellos6/main.yml +++ b/inventory/group_vars/dellos6/main.yml @@ -4,3 +4,7 @@ ansible_network_os: dellos6 ansible_become: yes ansible_become_method: enable ansible_become_password: "{{ vault_ansible_become_password }}" + +dellos6_mgmt_vlan: "{{ network_mgmt_zone.vlan }}" +dellos6_mgmt_ipaddr: "{{ network_mgmt_zone.prefix | ipaddr(network_mgmt_zone.offsets[inventory_hostname]) | ipaddr('address') }}" +dellos6_mgmt_netmask: "{{ network_mgmt_zone.prefix | ipaddr('netmask') }}" diff --git a/roles/dellos6/bootstrap/templates/init.j2 b/roles/dellos6/bootstrap/templates/init.j2 index 2435c738..8a0c1ae4 100644 --- a/roles/dellos6/bootstrap/templates/init.j2 +++ b/roles/dellos6/bootstrap/templates/init.j2 @@ -3,12 +3,17 @@ configure no ip domain-lookup hostname {{ host_name }} -{# TODO: hardcoded address and vlan tag! #} -interface vlan 1 -ip address 192.168.42.200 255.255.255.0 + +vlan 42 +name mgmt +exit +interface vlan {{ dellos6_mgmt_vlan }} +ip address {{ dellos6_mgmt_ipaddr }} {{ dellos6_mgmt_netmask }} exit no spanning-tree +{# TODO: configure management port #} + crypto key generate rsa crypto key generate dsa ip ssh server -- cgit v1.2.3