From 86fd61878c8e64b2e1f8fdb99ec59b1d4ad08820 Mon Sep 17 00:00:00 2001
From: shirenn <shirenn@crans.org>
Date: Wed, 19 May 2021 14:35:15 +0200
Subject: [PATCH] airbus + routeur-gulp variables

---
 host_vars/airbus.cachan-adm.crans.org.yml     | 15 ++++++
 .../cachan.yml                                | 19 +++++++
 .../dhcp.yml                                  | 49 +++++++++++++++++++
 .../firewall.yml                              | 17 +++++++
 .../radvd.yml                                 | 13 +++++
 .../vars.yml                                  |  3 ++
 hosts                                         |  9 +++-
 7 files changed, 124 insertions(+), 1 deletion(-)
 create mode 100644 host_vars/airbus.cachan-adm.crans.org.yml
 create mode 100644 host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
 create mode 100644 host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
 create mode 100644 host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml
 create mode 100644 host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
 create mode 100644 host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml

diff --git a/host_vars/airbus.cachan-adm.crans.org.yml b/host_vars/airbus.cachan-adm.crans.org.yml
new file mode 100644
index 00000000..e70de70f
--- /dev/null
+++ b/host_vars/airbus.cachan-adm.crans.org.yml
@@ -0,0 +1,15 @@
+---
+loc_home_nounou:
+  ip: 172.17.10.9
+  mountpoint: /rpool/home
+
+loc_ldap:
+  servers:
+    - 172.17.10.9
+  base: 'dc=crans,dc=org'
+
+glob_ntp_client:
+  servers:
+    - terenez.cachan-adm.crans.org
+
+debian_mirror: http://172.17.10.202/debian
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
new file mode 100644
index 00000000..4079d35d
--- /dev/null
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/cachan.yml
@@ -0,0 +1,19 @@
+---
+loc_home_nounou:
+  ip: 172.17.10.9
+  mountpoint: /rpool/home
+
+loc_ldap:
+  servers:
+    - 172.17.10.9
+  base: 'dc=crans,dc=org'
+
+loc_ntp_client:
+  servers:
+    - terenez.cachan-adm.crans.org
+
+debian_mirror: http://172.17.10.202/debian
+
+loc_mirror:
+  name: mirror.cachan-adm.crans.org
+  ip: "{{ query('ldap','ip','mirror','cachan.adm') | ipv4 | first }}"
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
new file mode 100644
index 00000000..3e6e5827
--- /dev/null
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/dhcp.yml
@@ -0,0 +1,49 @@
+---
+loc_dhcp:
+  authoritative: True
+  global_options:
+    - { key: "interface-mtu", value: "1500" }
+  global_parameters: []
+  subnets:
+    - network: "185.230.76.0/26"
+      deny_unknown: True
+      vlan: "cachan-adh"
+      default_lease_time: "600"
+      max_lease_time: "7200"
+      routers: "185.230.76.62"
+      dns: ["185.230.76.62"]
+      domain_name: "adh.crans.org"
+      domain_search: "adh.crans.org"
+      options: []
+      lease_file: "/var/local/services/dhcp/generated/dhcp.cachan-adh.crans.org.list"
+#    - network: 100.65.0.0/16
+#      vlan: "federez"
+#      default_lease_time: "600"
+#      max_lease_time: "7200"
+#      routers: "100.65.0.99"
+#      dns: ["100.65.0.99"]
+#      domain_name: "federez.net"
+#      domain_search: "federez.net"
+#      ranges:
+#        - min: 100.65.1.0
+#          max: 100.65.255.254
+#      options: []
+
+loc_service_dhcp:
+  re2o:
+    hostname: "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
+    user: services
+    password: "{{ vault.re2o_service_password }}"
+  name: dhcp
+  install_dir: /var/local/services/dhcp
+  generated: yes
+  frequency: "*/2 * * * *"
+  options: -q
+  dependencies:
+    - python3-jinja2
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/dhcp.git
+    version: cachan
+  config:
+    subnets:
+      cachan-adh.crans.org: 185.230.76.0/26
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml
new file mode 100644
index 00000000..5964d780
--- /dev/null
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/firewall.yml
@@ -0,0 +1,17 @@
+---
+loc_service_firewall:
+  re2o:
+    hostname: "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
+    user: services
+    password: "{{ vault.re2o_service_password }}"
+  name: firewall
+  install_dir: /var/local/services/firewall
+  frequency: "*/2 * * * *"
+  options: -q
+  dependencies:
+    - python3-iso8601
+    - python3-jinja2
+    - python3-ldap
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/firewall.git
+    version: cachan
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
new file mode 100644
index 00000000..8cabeada
--- /dev/null
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/radvd.yml
@@ -0,0 +1,13 @@
+---
+loc_radvd:
+  subnets:
+    - name: cachan-adh
+      prefix: 2a0c:700:3012::/64
+      dnssl: adh.crans.org
+      dns:
+        - "{{ query('ldap', 'ip', 'routeur-gulp', 'cachan-adh') | ipv6 | first }}"
+#    - name: federez
+#      prefix: 2a0c:700:254::/64
+#      dnssl: federez.net
+#      dns:
+#        - 2a0c:700:254::ff:fe00:99fe
diff --git a/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml b/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
new file mode 100644
index 00000000..fa558b2e
--- /dev/null
+++ b/host_vars/routeur-gulp.cachan-adm.crans.org/vars.yml
@@ -0,0 +1,3 @@
+---
+interfaces:
+  cachan-adh: "ens22"
diff --git a/hosts b/hosts
index 5507c731..cdd347a9 100644
--- a/hosts
+++ b/hosts
@@ -24,6 +24,9 @@ virtu
 [belenios]
 belenios.adm.crans.org
 
+[bird:children]
+routeurs_vm
+
 [certbot]
 sputnik.adm.crans.org
 
@@ -66,11 +69,14 @@ ethercalc.adm.crans.org
 [etherpad]
 kenobi.adm.crans.org
 
+[firewall:children]
+routeurs_vm
+
 [framadate]
 voyager.adm.crans.org
 
 [freebox]
-boeing.adm.crans.org
+airbus.cachan-adm.crans.org
 
 [galene]
 neree.adm.crans.org
@@ -206,6 +212,7 @@ baie
 virtu
 
 [crans_vm]
+airbus.cachan-adm.crans.org
 belenios.adm.crans.org
 #bigbluebutton.adm.crans.org
 boeing.adm.crans.org