crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity

[keepalived] routeur-daniel should burn in hell

certbot_on_virtu
_shirenn 2021-07-10 20:41:11 +02:00
parent a7e9d992d1
commit 24243c9acb
4 changed files with 31 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
group_vars/keepalived.yml
View File

@ -1,8 +1,9 @@
--- ---
glob_keepalived: glob_keepalived:
mail_source: keepalived@crans.org mail_source: keepalived@crans.org
mail_destination: shirenn@crans.org mail_destination: root@crans.org
smtp_server: smtp.adm.crans.org smtp_server: smtp.adm.crans.org
routeur_id: "{{ ansible_hostname }}"
pool: pool:
VI_ALL: VI_ALL:
password: "{{ vault.keepalived.password }}" password: "{{ vault.keepalived.password }}"
@ -11,14 +12,18 @@ glob_keepalived:
notify: /var/local/services/keepalived/keepalived.py notify: /var/local/services/keepalived/keepalived.py
zones: zones:
- vlan: srv - vlan: srv
ipv4: 185.230.79.61/26 ipv4: 185.230.79.62/26
ipv6: 2a0c:700:2::ff:fe01:9902/64 ipv6: 2a0c:700:2::ff:fe00:9902/64
- vlan: srv_nat - vlan: srv_nat
ipv4: 172.16.3.199/24 ipv4: 172.16.3.99/24
ipv6: 2a0c:700:3::ff:fe01:9903/64 ipv6: 2a0c:700:3::ff:fe00:9903/64
- vlan: adh - vlan: adh
ipv4: 185.230.78.199/24 ipv4: 185.230.78.99/24
ipv6: 2a0c:700:12::ff:fe01:9912/48 ipv6: 2a0c:700:12::ff:fe00:9912/48
- vlan: aurore
ipv4: 185.230.79.253/29
brd: no
ipv6: 2a0c:700:28::1/64
glob_service_keepalived: glob_service_keepalived:
name: keepalived name: keepalived

1
host_vars/routeur-daniel.adm.crans.org/keepalived.yml
View File

@ -14,3 +14,4 @@ loc_service_keepalived:
VI_ALL: VI_ALL:
- isc-dhcp-server - isc-dhcp-server
- radvd - radvd
- bird

17
host_vars/routeur-sam.adm.crans.org/keepalived.yml 100644
View File

@ -0,0 +1,17 @@
---
loc_keepalived:
instances:
- name: VI_ALL
state: MASTER
priority: 150
loc_service_keepalived:
git:
remote: https://gitlab.adm.crans.org/nounous/keepalived.git
version: master
config:
services:
VI_ALL:
- isc-dhcp-server
- radvd
- bird

9
roles/keepalived/templates/keepalived/keepalived.conf.j2
View File

@ -4,6 +4,7 @@ global_defs {
notification_email { {{ keepalived.mail_destination }} } notification_email { {{ keepalived.mail_destination }} }
notification_email_from {{ keepalived.mail_source }} notification_email_from {{ keepalived.mail_source }}
smtp_server {{ keepalived.smtp_server }} smtp_server {{ keepalived.smtp_server }}
router_id {{ keepalived.routeur_id }}
} }
{% for instance in keepalived.instances %} {% for instance in keepalived.instances %}
@ -15,10 +16,6 @@ vrrp_instance {{ instance.name }} {
interface {{ interfaces.adm }} interface {{ interfaces.adm }}
virtual_router_id {{ keepalived.pool[instance.name].id }} virtual_router_id {{ keepalived.pool[instance.name].id }}
advert_int 2 advert_int 2
authentication {
auth_type PASS
auth_pass {{ keepalived.pool[instance.name].password }}
}
{% if keepalived.pool[instance.name].notify is defined %} {% if keepalived.pool[instance.name].notify is defined %}
notify {{ keepalived.pool[instance.name].notify }} notify {{ keepalived.pool[instance.name].notify }}
@ -44,10 +41,6 @@ vrrp_instance {{ instance.name }}6 {
interface {{ interfaces.adm }} interface {{ interfaces.adm }}
virtual_router_id {{ keepalived.pool[instance.name].id }} virtual_router_id {{ keepalived.pool[instance.name].id }}
advert_int 2 advert_int 2
authentication {
auth_type PASS
auth_pass {{ keepalived.pool[instance.name].password }}
}
virtual_ipaddress { virtual_ipaddress {
{% for zone in keepalived.pool[instance.name].zones %} {% for zone in keepalived.pool[instance.name].zones %}