xbazzi/ansible-on-prem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Out with NetworkManager, in with networkd

Browse Source
This commit is contained in:
xbazzi 2025-07-12 22:52:18 -06:00
parent 0bff8b768e
commit f8ccf6f053
35 changed files with 768 additions and 276 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible.cfg
View File

@ -2,4 +2,5 @@
remote_user = ansible
inventory = inventory/hosts.yml
roles_path = ./roles
vault_password_file = ~/.ansible-vault-key
vault_password_file = ~/.ansible-vault-key
allow_unsafe_writes = true

224
inventory/group_vars/all.yml
View File

@ -1,96 +1,130 @@
$ANSIBLE_VAULT;1.1;AES256
38333861353432643165366435353534316564346533666439376631373562366530386636623333
6130343936376163336432366437623062643161636466640a383232343564636234376330323138
37393731643030313230613363343639363737393364346231643835613532636530363964383933
3834343936353965390a313439663463626461376461636462316237366430356437346164393034
38633331646465666165343365616366623636613264663062613238656466326537373135393234
38623034306461386132373262666532633562376532303762356663343930623464376661366238
33373638386366643030366632636138653032633436373932613261656331633663643839306633
39613136306130626635393333366136646665393932383563373739323730396633363334643639
36323337336563616165626463306637653865643931613731636233313061616130623662393465
63366131643135623337313735386566616663343263353561316132343138653761303436386433
64653736616439623331373865383439343637343737313466363265333033663836633635623732
30643137633738356665326138363734623766613462323831623931633163373933353661653434
35343466363132663765623739336136656332333932303332363164366630376638353166316636
31653133386461323532666661363865383430653230636233616238356431623462316133633239
34316561333530353166626632653566333966326663383635323165356231386232346263363666
61366430353239353732663437353165353562313438383063393935306534646165336232333861
32633138323036323334343866333963353965303536373930336164323565333862353032336566
39613263303966343337393165633866323233653132626264316238313131663961613037643865
35376138643934383435636534343231303933396138643231613336613536333961333562343963
31376438366438346231656364303535336465623237336263383761363630623632356335326231
61366132613062353833613162623634383134666334366435646238343462396535336534316264
35326461653331636462366536653430646438626562373635613464313031666434333732616239
61383536623762653463363031343332393166646264663031656531363761666364653866326230
33363264663366653930616133363539633463306434653732383435613430626439313935633162
62323366653639343063353662383265626538646361383030396533366635353830383365636435
36636433393635633237316131616630383464313535303137376131646566383366333935303830
34663630613438613836393333626463623466393831303833626666636338356533616436636331
32393665346538353539633634303161616662366433386139343034333963336630353634346232
63333561326532336533326333613961643134306264373730346137653962663930326261333763
32353264616333313263343964663465636235333438343334393963653530663130366133353031
64626537663362316239643436646236636361656365373232663931613634333465643137313964
31323464303432346337616530333135346166623561623531313561633533643161363930323265
32363538323134383434316332383064663437653161316162636339663036316139633636646131
34343939383935623333613835613431346532323530366331613065666566323731663336623137
36653165623235343832653438393836353630663063613337346364393439303738656564626432
64613863376463343433303933656163666532326430383863383636386331643265623963653730
31666430303666373030343831383436376666346236646231346565643564656339326231383337
32386239646634643261393531636666666637386633396136653661373835636237323031333434
31633237633566313131306261613834356139306436393862333533336534383662663837626464
63653831373235373638303864323531623965333662386239396637636562373632393365663062
61333934613865626639393236303562643165316466386461636239373336623965333531303335
63393030326230303537383431663634616133353734353835636565326261386165633730386665
61363736653762326634316634663530306163366165303464373833633363613338383330353062
62313331343830323063663363386566373964356566313638653331336366343236356565656331
61326466653362326337626532353637636535373762383034653464313961353430666132376163
63323636393331376565343037613631323130646466656531663335373461653063353166346336
32613564373634663863343036623038656462643532653539396538646532383161333535313164
66306532393137393736316330383466646265633539326437643039643037393735306136383337
35353465643762313762653938376331356232356131336131616531303162383737623736363130
38336634653564363564323964356564313665396461623836633533633534653961323632653766
39383236663664643666333730623731663438326539346135326564326666396463323661393132
35343862653264323564343730313938663664663035303332333163633137323661323431343138
66336666386635643662323431626636636231666561396438336234366331616138323636336664
36396133323937306463386261363766623366663965623361313264663861626161366166366237
36393962613135326339623261333635326138336466306132333230643536376334386166346364
61643231363737656131363935626433373164363161646365633536383563343936653333333832
33383565346366616365363030646432363633663537316335376333313236616637633066333664
63313039656664663664393633353466376264356161343532353838373366393835653134353438
61396164636566313535656533396332316565336664363034353235643635616564663563633338
32313662666566336437366666376630336466373831343431636662323431393061326139326537
35303362366338383230643734333533323535303534303637623136613634333436656131376635
30623736356634616366323563636535633530623435613634636662636436303337373762393734
63363637323733306532343239303030626135663366333763623933613034333339323636653338
37646665343632363466383762623763363238633265333166396165633461666662303332373164
30356231356132323037396231613939353463656333613735376562323837323430623665373364
63656238356161303462366130636236633238623861373830323237376563353934356239656539
62346638643263383636666437646466393361366465366362336634663636306230373466366266
38353133383937336336633239373739663731666162643037623630323739363464623763353163
36653733663138386432323465383537383137623333333933366232323934623730613139656536
39623564316135373830316238396664323663663137653130326163356566653630613662613638
32626261383533393833633539633330383537323534346134366333346438323232336337623861
35306632356165313063373738303130386436396532616365313633656637373362313639626338
36616665386663303636323264623839303562303064306139333263343839323436333930393136
36663531643363643537636437646266643032616437656239666539653163343935633366646534
36623935356565653831366462653830393465353065386130303065626365663235366530303431
63353635653163303138383163663931356139626264383331346532663961316261393832626430
66303435393739303461363731363733646534363766626462333761623537343734343833393634
31356537653630363563313539356535663032613538303264633864396365613366386366656336
37643666636436626162636234333938303266393162393933393038366437613165366630386438
37313634656632653238383134653039323739643366343631343530386237336139313164393133
64653638363662333461323365333861396266653238306530613064316362663131633461366161
32633835393832646530623033346238343761393036353137626463613139393839616432626263
35663232323734333631613139666366666436653566653064393666356165336439303937326637
36633438623933323964303065313332373762346463343263386439646533306332363136386434
34363236383733323232306264613137383831633534666337356137316433656238363864646138
39303661383963313833323330656666373536303931383464343036663035616630343063383139
63653263323533303933653138666138336530633162653533336466353235366333643835313365
38303462623430356339323731646238636663393838653466323030653866646435323636343337
37316336383234323336383061666235663539616631663936613430313138643061393439383636
31656535366361326566666264656465633337643365393765303732633238653231623735313638
36303537393038306165393365343334373333393933356133313264396236623936343763366330
37373262393230326132393237633335353964346434616137636662343635306632373532663830
66333039613330306231363364323861363964313336666165616635363166623435636366343364
64356364373832366435656539613238646538623035346434346364386434623461653763656135
646161643166613037303031663863666465
39616266383865336462366632626362363833643065393933373338613261373735643832386232
6336303836636130346365356432643832623532633533350a626531303736363639356234633562
30643465633332373232356630623366393232343166653633383165303535336139306332366438
6165646636613135380a613165646136663365373030663662343935393564323761663661396365
64373438333961303662346666383264383037386564623232623531636462336639363133333431
33636133613665353066313264386666633763616566623334373232333330613638306264656461
36306639363138636239663564343161303762373562626634303831613431373861633333326263
36663733346132666234336232386636633031303663623236623434333532346533376139373261
36393931393839663934363130626266383638623132303034643862623538643538383065623436
34633938656466613436633561393165613863336332333166393565313332343230393866333466
35343930366634646263396239363935313337366135656461656630346466663634616563616633
30333463326330303032363830336337386431616662316461376565353565343835306464336636
30623531366230316363393138343932656661343430623164393934333534633764393434323837
35666233393662353337633136353832366366373265313834373837666635383232383637646333
39623361626135316138373836633163313265663337333435643030313534643464646636363335
35393939393733326661393533633766613133333034383864393730663863303536643963626438
35363437373165383762333862653030333138353737646663616465646431653933313761366163
35316632613434313239643934643061656164656135303032373332363166303561383932326531
63346463343331656638386637303762303136313461646361343838613030346533656166396333
36336334323433626639623737383564353263613364616239336239343733356233353034303135
32356266653461646336363639303238323835316232316139366631356139353537393435666238
32346439656238373735626137346332616464363864653963383535313137646666363534326263
65663162633764646663343263346533363462333836623764643239646430636232636634393938
62306465663338386337393562306565353163623832343532313263323537653938346562396661
63643033646534656431303232613634333863343034373066346433346364633036306636616134
39353830356138616366643931636134336264373635346662396564363038396465386664356336
30343737613933653631353561636630366633633533336437323031383434643832383264326135
61343361336430613261666434386266633133333463623638363633306438303232376566336134
39626461313633656363363661623437303263353233396335663236363730323038396539306266
37613362643761663661663162613861373261373365376230343737326239323631373537613939
65303865633931326335303131666161616262306335666639626137323763316562633035376530
64633532356339313333373435663832663138656132323565633431363631326632383365353361
65366433323661386465656631396537653738373566356165336337313865383438393831646339
38343436633263613363313431623765353763376436633035356134396432646466383865323435
63653066643230326466333066336435343536346566366264386234376462383230366435373237
37323536343637393264353762613964613335663830623631663364646337326232633462623930
39383263336266373839643430646331386365326135626231656638373164393062653331643161
30393732376239396366366334393164333663333435626530386134613162646531623538383931
37356539666239313332663330653762323232373332376461633936326464323963316136383562
38303133333466303430626531303762303264636134373935363538366461393831623064656235
65306261393064633637636266343964373063323536663864353838326138383635363965656233
37343763353463356630343766383661313665313837663766353638303939333763323436333332
37333334633463303063623530653261316563666237623266643065306464333238316639366637
35653562313562333962633939336263666539373935373339633531326533633537633434326533
63633466653931393733613061373130623565613466616132343066626532376531643939346261
38623866396264353130636438356134623937653938323837613266623934373531323837646633
38373334343834663537323566373734626638633836393963323830396639383939376433363766
31353330643434313630306465303462383038353161393966316434616162393064623330343364
62626634666232633032663730396232646662346365316236623239353037323137343562613533
66393132333539323032623734623339326265643839313131386163633833306633386430393362
36613738383131646530626235393832623261313431366432626539633964643531313965656132
34383565663434333364353930613765353839313331326366653639616337366438656436383539
66316235383032636163366361336432656263623166663537343039633161393764383162323137
34363163346630646363363930333032383137356164653537623539376163366231363664303764
34656564643833353464326539333737356335376330363031383738306237313934386434343466
63303439356637373032393663616366353236663834393363613266313535663535613735393731
38323930333465623434363461613631386238386537356330393461633437303064666261633535
31616530616438633264626665336362646336353633656231613238353163613638393439653765
37343433633738616537373835326265656264333561376538313236363434303666363134373438
33373139363130343733623165393565343637333561623531343730303465313635323264306363
34343232303233643938626537376333393561386361306439373836633338666464303134396131
38663137386436363965306265643262353834303765363463386331306333313262363331386432
62363062326335626264633461363338636562643534336464653738326235633534343461306331
35376161383534666333356538643837343233643131626433376232313361633034353064343263
61343965343137383737646232383733653933376463613561303136663135646266313864373438
61373562363830323130363161343861333964613239393333646364363437376561656463656639
35656635393732633064613464613331646263396566383836646163386330346162363334646365
30313335383839303535303833633561363538313133656566353130366638363761633038363562
34323933313137643837326136653931656661613462393763373832633432393737383631336366
39393066633638396237373936633931643133366365653032373235633861396465633064343562
31393635323161363532383364353631616539396432356230383636653435663865373839396462
39343732326630306534623466333937336530636636636564323762303462646264623036653834
39663131343762333939343136343965623634633366346239303131346638633837373534666461
39313436333966656334316461626137353030326533386631353639316264663839653563633635
36623563626365653338363530616666333030306662626661373063386135636461333231646430
39383737373761363039646666313461633763316463656134623661613631656466376332616239
63633930303030633236396664633532363936363735396664656137333831343336623663333037
33333564383262316436323863396235636337653837376366363539343064366437323366393164
38373262623130623238326661636630383432656261343264313663326539363962356134393266
64633636363661336433633662316366613531376632373532626438643336396233353038383662
64333734653662663666363264363431643534616636626263303638393864613062323364353131
36356637336138663135306635316666623137363931643734393734316238663661666563343931
36656463643833653837633539326565373933336634626663333864383866613366613966353636
63653263626235313635333764303139356162356335666430313038646538303464396631356439
65363734393230333837633334313762366638366231383535383132353165373063343731353864
37313463653437326231383338666434323035373664393730326632386533666234623131356263
65653931663232356663336537636531363835336633366264666162336233633338653334623530
36636266626630666333313034353262663164363638323335393766373961643366646138653634
36656131393435623337623663326663313139633862663833663438343463626231363635383834
34643166653830343235316561333866653536323833353061343737386330303837633233643230
39643436386562333536376230353865626563393266323737303237303362346463373232383232
66633939303536343638313132346231386265346232613134306330653934356130626333376662
66623661353436653263653638626138656331666333653431333661383364313530623437353766
32636564383132613336303830343164346165386166656433623666363333636532623765623261
36626466343161363030353036326566646363613238663262653632323137646165316362346161
35396232666539343366373230393466396434353263383138396662343165383566346537666330
64316434383938306561353164666534313038653963303330366362363233386638386466353539
35396266373663343863356538333963363934653439623965376533383066393234616534323565
66336562353634313139316230646531653432336130363838616434353663653261383061383736
31376432383531333231396336363936373031313062393437363637336538613431653237353866
64663630346333333730613765346266663639633766353533343263303166616465623162383530
66353065346139316635626630623838393166373163313064373637333038333662666363343961
34343265366539366632613139633339333437663533356538303062393834306335376537326563
35323137386439303332303032346366656164356634633139353339343731613862396132323464
31376333656364373361396461386538643765613636323236663736303633643663323163313136
64326338646639336462306261633535653237333432646238656636303837343134353534363962
30613132376336326234396138323331613536626663346433393739373761363462373865323931
63333166623637643033383332393933333137656437366633306232666332626239373065366437
65633636343263333664336264366237396639663530343965623564653938383032616465643333
36383933613163626531343762363739353761306630616539666561363834616335616130653039
64326133623034636133376164663439306539383332373337393864306663366630333337636633
61623931663237333566663035373965663538666630383934656139643237643733303035303534
61386662626162616635333739386131623130326165663162333230336666393564303738353265
38363039616161396534373638633366633432386534363765326134353131303061303965383161
66623930363831343837303062326433323237306335376331633536626263656338313464323637
37633563303566396232616432386466666235646631616134643662643664366630343534613632
31353561623663366237653564626233653136363665646530643563366332386566653965346164
35356339626365623235306231336634626233653635626235313638396135623437393061653661
38326636663733663632393561303062613635346237346562666233636563313166623935336631
33353139633534613333353339373636323563366465383037626537353437396530316235613439
63306332343038633633366262653732366534363035363564386461303363383763643031373139
65613930343937306639393130646366333835353463626238336533343030386134323135343131
37356266666562376431643564643731623439616533353536626461643130363764323262653636
30363961616636656362633731643563313432316363373461363532366437666133373438353839
33373564383231343936353262383164636336353462303739653135643934386263323061643939
32643931333030663134636638333561646232353663343761323138626539336431633539363937
38643435373539623961386135613232616466653665323231383631383462613565363265376261
63383934663662643832343835626364383035313663666561653233653430346661343936616164
38333463653034393965613338313336396666646236316338383065333733386633

12
inventory/group_vars/cluster_prep.yml
View File

@ -1,2 +1,10 @@
iscsi_target_ip: nas.lan.xbazzi.com # TrueNAS IP
iscsi_target_iqn: iqn.2005-10.org.freenas.ctl:pve-iscsi
$ANSIBLE_VAULT;1.1;AES256
65353761626163643330363566616138653361623139306463623964303730396633316665346161
6533653962353462333566363530653237646539336165660a613565643063393962646265646634
62383133396338646564323335393832636165316262633466376462643737613939353433643764
6337616265353435630a333063653137626437373833383966373164393537653839336161383266
66343266316664663639323630323135363034343031353030323832333437303964313465333233
62383731613066366262353063306262326431663937316135396465646433613965373237353062
39626531303539386330653864353236393566626533303864336633303866323761306562383838
64386534313331646632613031653735326365656235343862613765646365616665396233343862
62303335646536393030343463306231376466396639373364626336303639363665

39
inventory/group_vars/prod-vm.yml Normal file
View File

@ -0,0 +1,39 @@
$ANSIBLE_VAULT;1.1;AES256
31313561353530643630326363363839636465303566643435316132663163343365303430636461
3830656432383635326262363564653034626338626465650a363766373965393238326632323136
36656536613736666532386636323533646331333437643437353230636139623637363263636562
3766663535386232340a356164306633336366623065323632623638356536373364306236613231
31366361373763326561343562616462663066303634633466616164333265366539383366343261
38626632666564666539376631303835316531313436616533343864316131323564303666633737
61343333376235303637653632393636326333383737306439393664343031653434666130626664
32363662353566346164386137633033663738393936316662633030313763316236373833366636
32333264383161653931376235316235386333323866633531656561646531383036623565313534
32343463313639653730623135313661316434613666393931306165333262306635386635326664
61346336393131656663653363333563326663336366643639626534346161643864643366626338
33643162653731366332333232363433306332633763623631653064643539326561313631656434
63313366633834356634386362363334303562656565623539633535636437356366633236613435
31633231613663393234373733643737366334356534383430656536343465333965383431313339
31646161333766393965316236373431653737376263383865383338343665653031616533323235
32646334636661333565623462366463343737636634616134376637373930633361663762663630
66393037306631373662626364663834303765626534363033653331626234623661623033626364
39333034353762396664386431313263653161306137323836653635343966656133353463363637
36666130343665636332393532323265386138613063383066636230363839643336306434346137
32616566666632643335613432633636653261383439326136333833623064643061383065346365
37626334353432613835386138623166366162316261333234363262336564636639356330376566
31656432653564363764383935353130346439663633313661393232626339616263303962363961
37383539663139303464326566303066356463346636313834626166613232616664323831366637
34616266333933346333316634303262383938613436333630393133393566656530303461313332
36303363313561613264346663656636663033653563303436316665336532343037613765656565
38363132616666363766366238643639373136626662353137633936333364616262623432386237
36636163363935376363366664373835356535373433343036373137646330353635373931656665
30366535353435353338383461343036323764393365353230363735656337663135306337633035
39356565616338346332633633653433363662383037613533666536666632333639623332316339
34376435393435373238336135636431323436366533363239366530663632356436376266633061
62306662316230306164343932353137316266643234363335333235653637656239383439363465
65613833666264656463623963306233366662353536666233643038343731663238643461373666
63346131363035346136366563303236313664636637626664316666623361623162623730663834
31383736663438383839653434623766643736326463633166303163306336306331376634333666
39653839336637346266323363336265346630613032633734343632643362333139346237396434
65613165383135653536393232353033356363373432613831333932623165313432616132323630
31353537366230343339303661623837306566316534393739393430636362623361373337313530
3461383431616534646339643330653734346434663230626235

20
inventory/host_vars/pve1.yml
View File

@ -1,11 +1,11 @@
$ANSIBLE_VAULT;1.1;AES256
61636264373765333930663036663164363332363765353836326361383438303065623938353338
3861383264346132613466666363623562383437643464640a343830356164323732313631666532
61646636633062333539393266366537613037646137376463343638356562383538376534376533
6361373233623565310a343466666233623138316439616239376266343932616366636232633735
32623335633732653637336163666265383066303565386261353539656333656337393530323639
65313233376434343761653264626563653031623236616362396262643463656535613237383435
35343439643330343362333362396338646162313063623334326264316235636333376434626535
34353332653138653765323936346536323038366238323932393335363762623237653962616664
37653963633936653866656537663435333731343937616237353734383537316361633836363666
3064366264653335663331383332656638323335633731353531
63376135396163393863613564316331626339613064323733353633626463313863383736353330
6666656566613832336431343433356134396530383939370a383437363631393437333065336131
32393234343432663636653665646538656133396665343833363935666264613963373638356438
3333363762383066380a356632336439363761363461333662373938306537366436633436646263
30376638343566353331303638643132383636663236373031306438386564313236613930343665
62383262643831626132393635336536366133333031333864613039303838356435333830316331
39353432366666366261336465386461333630313232656137666665336633616266353961643230
30336230353835383262386262346339336436383336336162343461326161663038623634613064
61646436373437313564396266303763656536623765663635656138653361616436316337663865
3162396165643365626339363638656262373335393334373836

109
inventory/hosts.yml
View File

@ -1,36 +1,75 @@
$ANSIBLE_VAULT;1.1;AES256
64363164666338376439386465623133383736636361353661303464666164616232366431626333
3437666365663839343866613537323366333564646234350a363434303639333535643039313039
61306663306134666139303061316163323033353366386233643039613365386536333336663864
6463316237376364660a313639623233326634366635313962373830393165343130363337353135
39616535373561353064373139356362663739363138326237393630326535353961623733323766
61366665346365626637626531666434336366643061663363323237613065613638353731663834
63386361646161303339653433316232323135323561363161643833373865366162316465383930
66346466346433643264633162326665613731383036616437643537383833616262646331356638
61336331636334343465316366323861326365386136303565363564343438613866326162613930
35643230316237383865616164653038306339306130316534303230383966353934356366633961
64623761646138633931356230633961353361376239656364326338646436663831323631346531
37633261646635633665663037663733313332396666636435383166343262663834383633646335
39383137383436643865383065613533636132326331303731306465636465613136646462643336
63386635346534343961626339393330633638633263326131313065353164353833333833326164
36613462393334333166613765343938393132363165316532396237636137323262616631393930
32323437316430306532653937613937663963613738323231366565313838656434656532623062
36633561376536373036323330623539383763306561383136633434623062376266333361306266
35333431626230316630626663376462653838656330376266396664323238323234306362343633
66333463646665306561313033313464633231316366633031303863636264333363366666376163
31663464643331666461353331663936656539616235353530366238326333663966386639353334
65626330613330303930643835393365383739313831333235633261356331346161333765323335
39393534393166383161376530623739336635303363393633653666633363656334653961643964
65373237333338313162626636366264356663616261633734613330626562666538313165663562
33393336613963353330336238656433613363306535323930623037663463613136643735613337
63396334626334373737663461386663653865626136353761666531623563643465356366666266
32393536643638303862353234366233323566623862316636323866323336366434376463306661
31313133313639313635333335643836373437306535383734373031306539643738326238373366
31393734383738636333643437393238336365376332643861636435303036653065613164363031
63373632343634303236653036636134306237663462633861366630633034333832646362303236
32636166366430343063316333636134616236373866373865316261626239376639366537306461
33636265313262366264306331313039363734633766323932363465353032633764373332326466
31363034326161643062343230333435343435623336653163323365363233643231306538373939
35643338396661356332343431383232376238626434613462306437653537343530643030333735
38393532303533323430373066343938396533656564663731393738363863663864356462663565
656438663662326136393134643136663737
38306461396530653165313836363332613036356566383265636266616662306364633762306637
3562656663366234303066313734396163663633356230360a383961313938333664653331626538
31353065373963653938653966373835363439633533383065386264303566646237356637303438
6662306636323630360a323731303661393630363638613865373235323766613765346530353734
37363863653266623136346663313937383539613433313930643063396435386362343436386561
64373665393763613135663163613834356536346165666263343136313638346266613638326430
64376336366634326639633536323032366531653038366663363734666231383635393765383736
63346338326463633865376635323434346265656230306262396364623236613039383530663964
34396135323863366235323632666138316134393639386166313732643435366564666561666634
39656461653933366336346532326565373430616363393436633364316565383339336361623438
34623364326434666563393035636234383362356537326562383434646634643265613838303164
33666634353334303738306164316462353365376432656438626435666533363635343332356338
64396634396233633030383064326233323962613937363935306235626338316664663466383939
66663939623838313266346339663966363132396364363832633637336161373766613166666266
34663834373339346166643664656266343162613731303530366536623831646462663937656538
62623237616337343465626532363639303531343535633738383266366338623166383434326631
64373335383966333561666531646431313939356661383431353531616630306262633435396535
39353333323437386563663463306664653664393431623836333834613334326531316661386462
37366132393132323336653536653037656333333038363033626232323363366661616361636333
34623733373633373338343438633464323161353838633039303762346136656666643234626332
38616238643730326434363832333634353932636235396332306463353164643835313130303964
33316463666135366433326564663934656337656563623439643162303762393339306535633735
36636532343435323362386463386163303737343933623839306233306138636362643838346564
37383935386638343262336139373135343137636339643333343730313563666634313262623836
34616634336235316532333934663732376634643238303465643763633333636466663733333635
61306537373162306137636335646663646134656366636635633437356366636134636439633936
64363136313732633566613264306432633234623561306562313863633237633265366637346265
35393161376332363038306430313037383832373138333431653266346566333766616139316661
37346436356433623535376664313937363263363531616363333738366431326361303062383335
63633263613964633137613363313630323066353265633636623763643530333764376664613066
61666565333035373562323433343362306166386330356430373039633864656136643133633466
36386638313238353737333565306132313135326234316134656365303930366164373564363730
63656261613231336332663631343863623235376634663332643563343263623038633863323764
66353466343434346136333562653665306164633133386431383638346461363838393363633432
39656639393531303562323630663464326262623464653631313134643664653361653565666462
35313162396463343464336466613362303566646665373033656362343464663262656239333365
36633035633462316166393934333238303931616631363933363766636634663437336563313863
32353062646263643966633839643931353562383330353461643765646266336634363333343064
37653138326163323865626536643762393234343166666362643431663132393236313637396164
66326538643838323765623931393266396431393139393766323164383031633062663761633438
39373936393964626630383230636165313937393139326236633632386164386361346161393731
38323765393562356635626434343437663165373163643765663834636362353532633262303838
64396664333739313832323836396161646536626138313362376663626238366161626561666132
39343764633762653234633764636239303139313731616639613532323163643534363130376433
61343234386532346633623537643461666562653938396262653734323231623064303439316464
63376561316562343066313730376631393032343539313832366365376131313862653966376532
63653835646538383466656165626136363061633366376164666462383837643931363764323832
34313762663836363433666138343033353432326232383037346130633833346563353463333736
33623463386365336666353963633963323034633637623363333163346664663437646338356362
31363833373463633033386231653035383161613435346463393433336436373332306634323232
37663336623735626532363066303162383563643939323335656565633630646239356339333036
61303339346431306335323364663764303232643637303666613330373735303365613738653662
39663866323237333739623466316131656437643561623837346336373836353966393663343065
32343831323132323430653563366261313036616430663339343336376564383766376165626362
35656665643161376234303835373566363131343036363033643935313531343439323464623764
39636562303938646466346462383537646566363034313261616635386339623233363431626631
36656263623963356332353532613738623935363961623763393536356162653639633763656164
35316138366164396637316335656332623266316232343439336332653862373535646166393563
66306132653333353562626663313466623335623238616234633563326565653432343337393832
30616434643264643937623337343333626265336437613364373064333934663338303331653266
66323439306333356433323030393361316533306665633639363032366638356663323064303539
65356365323966366366613836613131386663616163616464623238613038646530373032653666
32643334323936353536636263333866396665386331363332653435323730313763333732346265
37623433323939393263666165666231643731343235623063333037626432356362323265366461
34323237306537633630363237323363386464366331333832663132313832353534393736363237
33666439643136653966386630326566356462373537626161306464633363383831396233356465
38623937303137316339326164363431303931633266316331306263313934376363626662346638
61383731373064336431643339356465316662376166303732633765303438323333373133643535
30626133343863383961663330653230656565626663303936633037643763303234336562396435
65666331323739646531306538366232363034626431633765313739376363313664626566346562
38653262623131646233346361646632663436366230623066613963653035353835343439643833
30356237333034336331363830346566313433613836393663363937353366626166663233633563
30666134343239633035616366353061313937336433353466643631346632643263323535356235
3434393032383433326532376663653064363639303430643937

6
playbooks/deploy-postgres.yml
View File

@ -1,6 +1,6 @@
---
- name: Deploy PostgreSQL container
hosts: prod1
hosts: db1
become: true
roles:
- role: services/postgres
@ -8,9 +8,9 @@
vars:
directory: "pg-dev"
container_name: "postgres-dev"
port: 7000
port: 4000
- role: services/postgres
vars:
directory: "pg-beta"
container_name: "postgres-beta"
port: 7001
port: 4001

8
playbooks/export-kitty-terminfo.yml Normal file
View File

@ -0,0 +1,8 @@
---
- name: Export kitty terminfo
hosts: prod-vms
become: yes
vars:
ansible_become_allow_unsafe_writes: true
roles:
- role: server/kitty

2
playbooks/prep-pve-for-cluster.yml
View File

@ -2,4 +2,4 @@
hosts: pve-nodes
become: yes
roles:
- role: utility/cluster_prep
- role: pve/cluster_prep

20
playbooks/provision-alma.yml
View File

@ -1,13 +1,21 @@
---
- name: Provision AlmaLinux 9 VM
hosts: staging-vm
hosts: prod-vm
become: yes
roles:
- role: server/users
- role: server/sshkey
# - role: server/network
- role: server/hostname
# - role: server/users
# - role: server/sshkey
# - role: server/dnf
- role: server/network
# - role: server/firewall
# - role: provision/alma/common
# - role: provision/alma/nfs
# - role: docker/install
# - role: server/reboot
- role: docker/install
# - role: server/fstrim
# - role: server/kitty
# - role: server/reboot
# tasks:
# - name: whatever
# ansible.builtin.debug:
# var: "{{ inventory_hostname }}"

0
roles/apps/dbgate/defaults/main.yml → roles/docker/apps/dbgate/defaults/main.yml
View File

0
roles/apps/dbgate/tasks/main.yml → roles/docker/apps/dbgate/tasks/main.yml
View File

0
roles/server/network/templates/main.yml → roles/docker/apps/portainer-agent/defaults/main.yml Normal file → Executable file
View File

22
roles/docker/apps/portainer-agent/tasks/main.yml Executable file
View File

@ -0,0 +1,22 @@
- name: Pull Portainer Agent image
become: true
community.docker.docker_image:
name: portainer/agent
tag: latest
source: pull
- name: Deploy Portainer Agent container
become: true
community.docker.docker_container:
name: portainer_agent
image: portainer/agent
pull: false # we already pulled above
state: started
restart_policy: always
ports:
- "9001:9001"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /:/host
timeout: 120 # wait up to 2m for it to come up

1
roles/postgres/priviledges/defaults/main.yml
View File

@ -1 +0,0 @@
priviledges: ALL

1
roles/postgres/privileges/defaults/main.yml Executable file
View File

@ -0,0 +1 @@
privileges: ALL

10
roles/postgres/priviledges/tasks/main.yml → roles/postgres/privileges/tasks/main.yml
View File

@ -7,22 +7,22 @@
objs: "{{ database }}"
privs: "CREATE"
role: "{{ user }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"
state: present
- name: Give user full priviledges on database
- name: Give user full privileges on database
delegate_to: localhost
community.postgresql.postgresql_privs:
db: "{{ database }}"
type: schema
objs: public
privs: "{{ priviledges }}"
privs: "{{ privileges }}"
role: "{{ user }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"
login_password: "{{ pg_password }}"
state: present

20
roles/provision/alma/common/tasks/main.yml
View File

@ -4,11 +4,6 @@
register: output
changed_when: output.rc != 0
- name: Set hostname
ansible.builtin.hostname:
name: "{{ provision_hostname }}"
use: systemd
- name: Upgrade all packages
ansible.builtin.dnf:
name: "*"
@ -40,17 +35,4 @@
ansible.builtin.dnf:
name:
- '@Development tools'
update_cache: true
- name: Install baseline packages
ansible.builtin.dnf:
name:
- vim
- curl
- git
- bash-completion
- firewalld
- fastfetch
- btop
state: latest
update_cache: true
update_cache: true

0
roles/server/dnf/defaults/main.yml Normal file
View File

19
roles/server/dnf/tasks/main.yml Normal file
View File

@ -0,0 +1,19 @@
---
- name: Install dnf packages
ansible.builtin.dnf:
name:
- systemd-networkd
- systemd-resolved
- vim
- curl
- git
- bash-completion
- firewalld
- fastfetch
- btop
- kitty-terminfo
- bind-utils
- nmap
- tcpdump
state: latest
update_cache: true

7
roles/server/firewall/tasks/main.yml
View File

@ -32,12 +32,5 @@
# - name: Remove ens18 from public
# ansible.builtin.command: firewall-cmd --zone=public --remove-interface=ens18
# - name: Assign interface ens18 to "internal" zone
# ansible.posix.firewalld:
# interface: ens18
# zone: internal
# state: enabled
# permanent: true
- name: Reload firewalld to apply changes
ansible.builtin.command: firewall-cmd --reload

0
roles/server/fstrim/defaults/main.yml Normal file
View File

6
roles/server/fstrim/tasks/main.yml Normal file
View File

@ -0,0 +1,6 @@
---
- name: Trim filesystem once a week
ansible.builtin.systemd_service:
name: fstrim.timer
enabled: true
state: started

0
roles/server/hostname/defaults/main.yml Normal file
View File

5
roles/server/hostname/tasks/main.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: Set hostname
ansible.builtin.hostname:
name: "{{ hostvars[inventory_hostname]['hostname'] }}"
use: systemd

3
roles/server/kitty/defaults/main.yml Normal file
View File

@ -0,0 +1,3 @@
users:
- xbazzi
- ansible

31
roles/server/kitty/tasks/main.yml Normal file
View File

@ -0,0 +1,31 @@
---
- name: Copy pre-generated kitty terminfo to remote users
copy:
src: /home/xbazzi/.xterm-kitty.terminfo
dest: /home/{{ item }}/xterm-kitty.terminfo
owner: "{{ item }}"
group: "{{ item }}"
mode: '0644'
loop: "{{ users }}"
- name: Upload xterm-kitty.terminfo to each users home
ansible.builtin.copy:
src: "/home/xbazzi/.xterm-kitty.terminfo"
dest: "/home/{{ item }}/xterm-kitty.terminfo"
owner: "{{ item }}"
group: "{{ item }}"
mode: '0644'
loop: "{{ users }}"
- name: Compile terminfo for each user
ansible.builtin.command: >
tic -x -o /home/{{ item }}/.terminfo /home/{{ item }}/xterm-kitty.terminfo
become: true
become_user: root #"{{ item }}"
loop: "{{ users }}"
- name: Clean up xterm-kitty.terminfo from home directory
ansible.builtin.file:
path: "/home/{{ item }}/xterm-kitty.terminfo"
state: absent
loop: "{{ users }}"

2
roles/server/network/files/networkd.conf.d/10-routes.conf Normal file
View File

@ -0,0 +1,2 @@
[Network]
RouteTable=mgmt:202 dmz:203

4
roles/server/network/handlers/main.yml
View File

@ -0,0 +1,4 @@
- name: Restart systemd-networkd
ansible.builtin.systemd_service:
name: systemd-networkd
state: restarted

176
roles/server/network/tasks/main.yml
View File

@ -1,32 +1,29 @@
---
##### Firewall pre-requisites #####
- name: Enable and start systemd-networkd
ansible.builtin.systemd:
name: systemd-networkd
enabled: true
state: started
- name: Enable and start firewalld
ansible.builtin.systemd:
name: firewalld
enabled: yes
state: started
- name: Enable and start NetworkManager
ansible.builtin.systemd:
name: NetworkManager
enabled: yes
state: started
- name: Check existing zones
- name: firewall-cmd --get-zones
ansible.builtin.command: firewall-cmd --get-zones
register: firewalld_zones
- name: Debug output
- name: firewall-cmd --get-active-zones
ansible.builtin.command: firewall-cmd --get-active-zones
register: firewalld_zones
- name: Check existing zones
ansible.builtin.debug:
var: firewalld_zones.stdout
# - name: Create zone "core"
# ansible.builtin.command: firewall-cmd --permanent --new-zone="{{ item }}"
# loop: ["core", "mgmt"]
# # loop: "{{ firewalld_zones.stdout | split }}"
# when: item in firewalld_zones.stdout.split()
# (item != "core" and
# item != "dmz")
- name: Create firewalld core zone
ansible.posix.firewalld:
zone: core
@ -48,89 +45,88 @@
- name: Reload firewalld to apply changes
ansible.builtin.command: firewall-cmd --reload
- name: Enable ssh rule in core for initial ansible config
- name: Enable ssh rule in core
ansible.posix.firewalld:
zone: core
service: ssh
state: enabled
permanent: true
# - name: Ensure all other zones are disabled
# ansible.posix.firewalld:
# zone: "{{ item }}"
# state: disabled
# permanent: true
# when: item not in zones
# loop: "{{ firewalld_zones.stdout | split }}"
- name: Set up CORE interface manually
nmcli:
conn_name: CORE
zone: core
type: ethernet
ip4: "{{ provision_core_ip4 }}"
gw4: "{{ core_gw4 }}"
dns4: "{{ core_gw4 }}"
method4: "manual"
ifname: ens18
dns4_search: lan.xbazzi.com
state: present
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
- name: Set up mgmt interface manually
nmcli:
conn_name: MGMT
- name: Enable ssh rule in mgmt
ansible.posix.firewalld:
zone: mgmt
type: ethernet
ip4: "{{ provision_mgmt_ip4 }}"
routes4: "0.0.0.0/0 {{ mgmt_gw4 }}"
routing_rules4:
- "priority 2 from {{ mgmt_net }} table 200"
route_metric4: 102
dns4: "{{ mgmt_gw4 }}"
method4: "manual"
ifname: "ens19"
dns4_search: "lan.xbazzi.com"
state: present
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
service: ssh
state: enabled
permanent: true
- name: Set up dmz interface manually
nmcli:
conn_name: DMZ
zone: dmz
type: ethernet
ip4: "{{ provision_dmz_ip4 }}"
routes4: "0.0.0.0/0 {{ dmz_gw4 }}"
routing_rules4:
- "priority 3 from {{ dmz_net }} table 300"
route_metric4: 103
dns4: "{{ dmz_gw4 }}"
method4: "manual"
ifname: "ens20"
dns4_search: "lan.xbazzi.com"
state: present
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
- name: Reload firewalld to apply changes
ansible.builtin.command: firewall-cmd --reload
- name: Remove ens18 default connection
nmcli:
conn_name: ens18
state: absent
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
#### Network config ####
- name: Ensure systemd-networkd directories exist
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: '0755'
loop:
- /etc/systemd/network
- /etc/systemd/networkd.conf.d
- name: Remove ens19 default connection
nmcli:
conn_name: ens19
state: absent
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
- name: Generate default interface .network file
ansible.builtin.template:
src: default-interface.network.j2
dest: "/etc/systemd/network/{{ default_interface.prefix }}-{{ default_interface.ifname }}-{{ default_interface.name }}.network"
owner: root
group: root
mode: '0644'
notify: Restart systemd-networkd
- name: Remove ens20 default connection
nmcli:
conn_name: ens20
state: absent
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
- name: Generate auxiliary interfaces .network files
ansible.builtin.template:
src: auxiliary-interface.network.j2
dest: "/etc/systemd/network/{{ item.prefix }}-{{ item.ifname }}-{{ item.name }}.network"
owner: root
group: root
mode: '0644'
loop: "{{ network_interfaces }}"
notify: Restart systemd-networkd
- name: Remove "Wired connection 1"
nmcli:
conn_name: Wired connection 1
state: absent
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
# - name: Deploy .network files
# ansible.builtin.copy:
# src: "files/network/{{ item }}"
# dest: "/etc/systemd/network/{{ item }}"
# owner: root
# group: root
# mode: '0644'
# loop:
# - 10-ens18-core.network
# - 20-ens19-mgmt.network
# - 30-ens20-dmz.network
# notify: Restart systemd-networkd
- name: Deploy systemd-networkd global .conf files
ansible.builtin.copy:
src: "files/networkd.conf.d/{{ item }}"
dest: "/etc/systemd/networkd.conf.d/{{ item }}"
owner: root
group: root
mode: '0644'
loop:
- 10-routes.conf
notify: Restart systemd-networkd
- name: Ensure NetworkManager is disabled
ansible.builtin.systemd_service:
name: NetworkManager
masked: true
enabled: false
state: stopped
- name: Ensure NetworkManager-wait-online is disabled
ansible.builtin.systemd_service:
name: NetworkManager-wait-online
masked: true
enabled: false
state: stopped

250
roles/server/network/tasks/main_nmcli.yml Normal file
View File

@ -0,0 +1,250 @@
---
- name: Enable and start firewalld
ansible.builtin.systemd:
name: firewalld
enabled: yes
state: started
- name: Enable and start NetworkManager
ansible.builtin.systemd:
name: NetworkManager
enabled: yes
state: started
- name: Check existing zones
ansible.builtin.command: firewall-cmd --get-zones
register: firewalld_zones
- name: Debug output
ansible.builtin.debug:
var: firewalld_zones.stdout
# - name: Create zone "core"
# ansible.builtin.command: firewall-cmd --permanent --new-zone="{{ item }}"
# loop: ["core", "mgmt"]
# # loop: "{{ firewalld_zones.stdout | split }}"
# when: item in firewalld_zones.stdout.split()
# (item != "core" and
# item != "dmz")
- name: Create firewalld core zone
ansible.posix.firewalld:
zone: core
state: present
permanent: true
- name: Create firewalld mgmt zone
ansible.posix.firewalld:
zone: mgmt
state: present
permanent: true
- name: Create firewalld dmz zone
ansible.posix.firewalld:
zone: dmz
state: present
permanent: true
- name: Reload firewalld to apply changes
ansible.builtin.command: firewall-cmd --reload
- name: Enable ssh rule in core
ansible.posix.firewalld:
zone: core
service: ssh
state: enabled
permanent: true
- name: Enable ssh rule in mgmt
ansible.posix.firewalld:
zone: mgmt
service: ssh
state: enabled
permanent: true
- name: Reload firewalld to apply changes
ansible.builtin.command: firewall-cmd --reload
# - name: Ensure all other zones are disabled
# ansible.posix.firewalld:
# zone: "{{ item }}"
# state: disabled
# permanent: true
# when: item not in zones
# loop: "{{ firewalld_zones.stdout | split }}"
# - name: Ensure custom routing table names are present
# ansible.builtin.lineinfile:
# path: /etc/iproute2/rt_tables
# line: "{{ item.table_id }} {{ item.table_name }}"
# create: yes
# state: present
# loop: "{{ network_interfaces }}"
# loop_control:
# label: "{{ item.table_name }}"
- name: Ensure /etc/iproute2 directory exists
ansible.builtin.file:
path: /etc/iproute2
state: directory
owner: root
group: root
mode: '0755'
- name: Overwrite /etc/iproute2/rt_tables with templated content
ansible.builtin.template:
src: rt_tables.j2
dest: /etc/iproute2/rt_tables
owner: root
group: root
mode: '0644'
force: yes
- name: Default connection
debug:
var: default_conn
- name: Configure default (CORE) connection
community.general.nmcli:
conn_name: "{{ default_conn.name | upper }}"
type: ethernet
zone: "{{ default_conn.name }}"
method4: "manual"
ip4: "{{ default_conn.ip }}/22"
ifname: "{{ default_conn.ifname }}"
dns4: "{{ default_conn.gateway }}"
dns4_search: lan.xbazzi.com
mtu: "{{ default_conn.mtu | default(1500) }}"
state: present
- name: Configure ancillary connections
community.general.nmcli:
conn_name: "{{ item.name | upper }}"
type: ethernet
zone: "{{ item.name }}"
method4: "manual"
ip4: "{{ item.ip }}/22"
ifname: "{{ item.ifname }}"
dns4: "{{ item.gateway }}"
dns4_search: lan.xbazzi.com
# table: "{{ item.table_id }}"
# table: "{{ item.table_id }}"
mtu: "{{ item.mtu | default(1500) }}"
# routes4_extended:
# - ip: "0.0.0.0/0"
# table: "{{ item.table_id }}"
# next_hop: "{{ item.gateway }}"
# mtu: "{{ item.mtu | default(1500) }}"
# metric:
# - ip: "{{ item.subnet }}"
# table: "{{ item.table_id }}"
# table: "{{ item.table_id }}"
# next_hop: "0.0.0.0"
# mtu: "{{ item.mtu | default(1500) }}"
# - "{{ item.subnet }} 0.0.0.0 {{ item.table_id }}"
# routing_rules4:
# - "priority {{ item.priority }} from {{ item.ip }} table {{ item.table_id }}"
state: present
loop: "{{ network_interfaces }}"
loop_control:
label: "{{ item.name }}"
- name: Add route-table for each interface
ansible.builtin.command: >
nmcli connection modify {{ item.name | upper }} ipv4.route-table {{ item.table_id }}
loop: "{{ network_interfaces }}"
- name: Add routes
ansible.builtin.command: >
nmcli con modify MGMT +ipv4.routes "0.0.0.0/0 {{ item.gateway }}"
loop: "{{ network_interfaces }}"
- name: Add routing rules
ansible.builtin.command: >
nmcli con modify MGMT +ipv4.routing-rules "priority {{ item.priority }} table {{ item.table_id }}"
loop: "{{ network_interfaces }}"
# -name: Add ancillary routes to main table
# sudo ip route add 10.69.0.0/22 dev ens19 proto kernel scope link table main
# - name: Set up CORE interface manually
# nmcli:
# conn_name: CORE
# zone: core
# type: ethernet
# ip4: "{{ provision_core_ip4 }}"
# gw4: "{{ core_gw4 }}"
# dns4: "{{ core_gw4 }}"
# method4: "manual"
# ifname: ens18
# dns4_search: lan.xbazzi.com
# state: present
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
# - name: Set up mgmt interface manually
# nmcli:
# conn_name: MGMT
# zone: mgmt
# type: ethernet
# ip4: "{{ provision_mgmt_ip4 }}"
# # routes4: "0.0.0.0/0 {{ mgmt_gw4 }}"
# routing_rules4:
# - "priority 2 from {{ mgmt_net }} table 200"
# route_metric4: 102
# dns4: "{{ mgmt_gw4 }}"
# method4: "manual"
# ifname: "ens19"
# dns4_search: "lan.xbazzi.com"
# state: present
# # delegate_to: "{{ provision_core_ip4_no_subnet }}"
# - name: Set up dmz interface manually
# nmcli:
# conn_name: DMZ
# zone: dmz
# type: ethernet
# ip4: "{{ provision_dmz_ip4 }}"
# routes4: "0.0.0.0/0 {{ dmz_gw4 }}"
# routes4_extended:
# ip: {{ provision_dmz_ip4 }}
# routing_rules4:
# - "priority 3 from {{ dmz_net }} table 300"
# route_metric4: 103
# dns4: "{{ dmz_gw4 }}"
# method4: "manual"
# ifname: "ens20"
# dns4_search: "lan.xbazzi.com"
# state: present
# delegate_to: "{{ provision_core_ip4_no_subnet }}"
# - name: Remove ens18 default connection
# nmcli:
# conn_name: "{{ item }}"
# state: absent
# loop: ["ens18", "ens19", "ens20", "core", "Wired connection 1"]
- name: List current NetworkManager connections
ansible.builtin.shell: nmcli -t -f NAME connection show
register: nmcli_connections
- name: Show active connection names
ansible.builtin.debug:
var: nmcli_connections.stdout_lines
- name: Remove unwanted default NetworkManager connections
community.general.nmcli:
conn_name: "{{ item }}"
state: absent
loop:
- ens18
- ens19
- ens20
- core
- "Wired connection 1"
ignore_errors: true # Optional: avoids failure if connection doesn't exist
- name: Restart NetworkManager
ansible.builtin.systemd_service:
name: NetworkManager
enabled: true
state: restarted

26
roles/server/network/templates/auxiliary-interface.network.j2 Normal file
View File

@ -0,0 +1,26 @@
[Match]
Name={{ item.ifname }}
[Network]
Address={{ hostvars[inventory_hostname]['addresses'][item.name] }}/22
DNS={{ item.gateway }}
Domains={{ item.search_domain }}
IPv6AcceptRA=false
IPv6SendRA=false
[link]
MTUBytes= {{ item.mtu }}
[Route]
Destination=0.0.0.0/0
Gateway= {{ item.gateway }}
Table= {{ item.table_id }}
[Route]
Destination={{ item.subnet }}
Table= {{ item.table_id }}
[RoutingPolicyRule]
From={{ hostvars[inventory_hostname]['addresses'][item.name] }}
Table={{ item.table_name }}
Priority={{ item.priority }}

8
roles/server/network/templates/default-interface.network.j2 Normal file
View File

@ -0,0 +1,8 @@
[Match]
Name={{ default_interface.ifname }}
[Network]
Address={{ hostvars[inventory_hostname]['addresses'][default_interface.name] }}/22
Gateway={{ default_interface.gateway }}
DNS={{ default_interface.gateway }}
Domains={{ default_interface.search_domain }}

8
roles/server/network/templates/rt_tables.j2 Normal file
View File

@ -0,0 +1,8 @@
255 local
254 main
253 default
0 unspec
{% for iface in network_interfaces %}
{{ iface.table_id }} {{ iface.name }}
{% endfor %}

2
roles/server/users/tasks/main.yml
View File

@ -2,8 +2,8 @@
- name: Add xbazzi group
ansible.builtin.group:
name: xbazzi
state: present
gid: 1337
state: present
- name: Add xbazzi user
ansible.builtin.user: