ip → ansible.utils.ip
parent
55e1fdc184
commit
a0ac6e7293
|
@ -4,7 +4,7 @@ glob_adh:
|
|||
listen_local:
|
||||
- "127.0.0.1:80"
|
||||
- "[::1]:80"
|
||||
listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap }}"
|
||||
listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap }}"
|
||||
club_vhosts:
|
||||
- from: pot-vieux.crans.org
|
||||
to: club-vieux/www
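Review bot: The fully-qualified `ansible.utils.ipwrap` on the `listen_network` line, like the `ansible.utils.ipv4`, `ipv6` and `ipaddr` names in the other files of this commit, only resolves when the `ansible.utils` collection is installed on the controller, and nothing visible on this page adds or pins it. The filters also depend on the Python `netaddr` library. If the repository does not already declare the collection, list it in the collections requirements file with a version constraint, e.g. `- name: ansible.utils` followed by a `version:` range, so every controller resolves the same filter code instead of whatever happens to be installed.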
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
glob_home_nounou:
|
||||
mounts:
|
||||
- ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /pool/home
|
||||
target: /home_nounou
|
||||
name: home_nounou
|
||||
|
|
|
@ -3,31 +3,31 @@ glob_network_interfaces:
|
|||
vlan:
|
||||
- name: srv
|
||||
id: 2
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv6 | first }}"
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv6 | first }}"
|
||||
- name: srv_nat
|
||||
id: 3
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv6 | first }}"
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv6 | first }}"
|
||||
- name: san
|
||||
id: 4
|
||||
extra:
|
||||
- "mtu 9000"
|
||||
- name: adm
|
||||
id: 10
|
||||
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
- name: adh
|
||||
id: 12
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv6 | first }}"
|
||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"
|
||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"
|
||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv6 | first }}"
|
||||
- name: adh_adm
|
||||
id: 13
|
||||
- name: renater
|
||||
id: 38
|
||||
gateway: "{{ query('ldap', 'ip', 'dsi', 'renater') | ipv4 | first }}"
|
||||
gateway: "{{ query('ldap', 'ip', 'dsi', 'renater') | ansible.utils.ipv4 | first }}"
|
||||
- name: lp
|
||||
id: 56
|
||||
- name: auto
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
---
|
||||
glob_prometheus_nginx_exporter:
|
||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
---
|
||||
glob_prometheus_node_exporter:
|
||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
---
|
||||
glob_rsyslog_client:
|
||||
server: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
server: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
loc_home_nounou:
|
||||
mounts:
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /home_nounou
|
||||
target: /home_nounou
|
||||
name: home_nounou
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
---
|
||||
loc_ldap:
|
||||
servers:
|
||||
- "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
||||
- "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -8,14 +8,14 @@ glob_constellation:
|
|||
- 'intranet.crans.org'
|
||||
email:
|
||||
ssl: false
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 25
|
||||
user: ''
|
||||
password: ''
|
||||
from: "root@crans.org"
|
||||
from_full: "Crans <root@crans.org>"
|
||||
database:
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 5432
|
||||
user: 'constellation'
|
||||
password: "{{ vault.constellation.django_db_password }}"
|
||||
|
|
|
@ -13,7 +13,7 @@ glob_django_cas:
|
|||
secret_key: "{{ vault.cas.secret_key }}"
|
||||
mail:
|
||||
address: 'root@crans.org'
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 25
|
||||
|
||||
loc_nginx:
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
---
|
||||
glob_dovecot:
|
||||
ldap:
|
||||
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ipv4 | first }}/"
|
||||
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
|
||||
pass: "{{ vault.dovecot_dnpass }}"
|
||||
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
|
||||
home_path: '/home_adh'
|
||||
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap | join(', ') }}"
|
||||
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap | join(', ') }}"
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
---
|
||||
glob_ethercalc:
|
||||
ip: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -19,5 +19,5 @@ glob_horde:
|
|||
admin_dest_hostname: webmail.adm.crans.org
|
||||
zone_ipv4: 172.16.10.0/24
|
||||
zone_ipv6: fd00:0:0:10::/64
|
||||
ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
||||
ipv6: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv6 | first }}"
|
||||
ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||
ipv6: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv6 | first }}"
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
glob_keepalived:
|
||||
mail_source: keepalived@crans.org
|
||||
mail_destination: root@crans.org
|
||||
smtp_server: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
||||
smtp_server: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
routeur_id: "{{ ansible_hostname }}"
|
||||
pool:
|
||||
VI_ALL:
|
||||
|
|
|
@ -57,13 +57,13 @@ glob_mailman3:
|
|||
database:
|
||||
user: "mailman3"
|
||||
pass: "{{ vault.mailman3.database.pass }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 5432
|
||||
name: "mailman3"
|
||||
web_database:
|
||||
user: "mailman3web"
|
||||
pass: "{{ vault.mailman3.web_database.pass }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 5432
|
||||
name: "mailman3web"
|
||||
restadmin_pass: "{{ vault.mailman3.restadmin_pass }}"
|
||||
|
|
|
@ -8,14 +8,14 @@ glob_printer:
|
|||
- 'imprimante.crans.org'
|
||||
email:
|
||||
ssl: false
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 25
|
||||
user: ''
|
||||
password: ''
|
||||
from: "root@crans.org"
|
||||
from_full: "Crans <root@crans.org>"
|
||||
database:
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
port: 5432
|
||||
user: 'helloworld'
|
||||
password: "{{ vault.printer.django_db_password }}"
|
||||
|
@ -27,9 +27,9 @@ glob_printer:
|
|||
note_id: 2088
|
||||
note_alias: 'Crans'
|
||||
printer_name: 'Lexmark_X950_Series'
|
||||
domain: "{{ query('ldap', 'ip', 'printer', 'lp') | ipv4 | first }}"
|
||||
domain: "{{ query('ldap', 'ip', 'printer', 'lp') | ansible.utils.ipv4 | first }}"
|
||||
scan_server:
|
||||
address: "{{ query('ldap', 'ip', ansible_hostname, 'lp') | ipv4 | first }}"
|
||||
address: "{{ query('ldap', 'ip', ansible_hostname, 'lp') | ansible.utils.ipv4 | first }}"
|
||||
port: 9751
|
||||
debug: false
|
||||
owner: www-data
|
||||
|
@ -38,7 +38,7 @@ glob_printer:
|
|||
settings_local_owner: www-data
|
||||
settings_local_group: _nounou
|
||||
ldap:
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
dn_template: uid=%(user)s,ou=passwd,dc=crans,dc=org
|
||||
group_search: ou=group,dc=crans,dc=org
|
||||
read_group: cn=_user,ou=group,dc=crans,dc=org
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
---
|
||||
glob_re2o_front:
|
||||
server_names:
|
||||
- "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
|
||||
- "[{{ query('ldap', 'ip', 're2o', 'adm') | ipv6 | first }}]"
|
||||
- "{{ query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
- "[{{ query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv6 | first }}]"
|
||||
- re2o.adm.crans.org
|
||||
- intranet.adm.crans.org
|
||||
- re2o.crans.org
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
glob_re2o_ldap:
|
||||
suffix: dc=crans,dc=org
|
||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ipv4 | first }}:636"
|
||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ansible.utils.ipv4 | first }}:636"
|
||||
root_password_hash: "{{ vault.slapd.re2o.admin.bindpass_hash }}"
|
||||
certificate: "{{ vault.slapd.re2o.certificate }}"
|
||||
private_key: "{{ vault.slapd.re2o.private_key }}"
|
||||
|
|
|
@ -35,7 +35,7 @@ loc_nginx:
|
|||
service_name: "roundcube"
|
||||
ssl: []
|
||||
servers:
|
||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||
default: true
|
||||
root: "/var/lib/roundcube"
|
||||
locations:
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
glob_slapd:
|
||||
master_ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
master_ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
regex: "^(role:(dhcp|dns|dns-primary|dns-secondary|ftp|gitlab|miroir|ntp|pve|radius|backup)|ecdsa-sha2-nistp256:.*|ssh-(ed25519|dss|rsa):.*|description:.*|location:.*)$"
|
||||
replication_credentials: "{{ vault.slapd.tealc.replication_credentials }}"
|
||||
private_key: "{{ vault.slapd.tealc.private_key }}"
|
||||
|
|
|
@ -4,17 +4,17 @@ glob_sssd:
|
|||
domain: tealc.adm.crans.org
|
||||
enumerate: "true"
|
||||
servers:
|
||||
- "ldaps://{{ query('ldap','ip','tealc','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','sam','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','daniel','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','jack','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','tealc','adm') | ansible.utils.ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','sam','adm') | ansible.utils.ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','daniel','adm') | ansible.utils.ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','jack','adm') | ansible.utils.ipv4 | first }}/"
|
||||
base: "dc=crans,dc=org"
|
||||
secondary:
|
||||
domain: re2o-ldap.adm.crans.org
|
||||
enumerate: "false"
|
||||
servers:
|
||||
- "ldaps://{{ query('ldap','ip','re2o-ldap','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','terenez','adm') | ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','re2o-ldap','adm') | ansible.utils.ipv4 | first }}/"
|
||||
- "ldaps://{{ query('ldap','ip','terenez','adm') | ansible.utils.ipv4 | first }}/"
|
||||
base: "dc=crans,dc=org"
|
||||
bind:
|
||||
dn: "{{ vault.sssd.secondary_ldap.binddn }}"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
loc_home_nounou:
|
||||
mounts:
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /home_nounou
|
||||
target: /home_nounou
|
||||
name: home_nounou
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
---
|
||||
loc_ldap:
|
||||
servers:
|
||||
- "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
||||
- "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
|
|
|
@ -18,7 +18,7 @@ glob_service_proxmox_user:
|
|||
config:
|
||||
ldap:
|
||||
admin:
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
userBase: "ou=passwd,dc=crans,dc=org"
|
||||
realm: "pam"
|
||||
dependencies:
|
||||
|
|
|
@ -12,11 +12,11 @@ glob_service_proxmox_user:
|
|||
config:
|
||||
ldap:
|
||||
admin:
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
userBase: "ou=passwd,dc=crans,dc=org"
|
||||
realm: "pam"
|
||||
user:
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'flirt', 'adm') | ipv4 | first }}/"
|
||||
uri: "ldaps://{{ query('ldap', 'ip', 'flirt', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
userBase: "ou=users,dc=adh,dc=crans,dc=org"
|
||||
realm: "pve"
|
||||
binddn: "{{ vault.ldap_adh_reader.binddn }}"
|
||||
|
|
|
@ -6,7 +6,7 @@ loc_nginx:
|
|||
service_name: wiki
|
||||
ssl: []
|
||||
servers:
|
||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||
default: true
|
||||
access_log: "/var/log/nginx/wiki.log combined"
|
||||
error_log: "/var/log/nginx/wiki.error.log"
|
||||
|
|
|
@ -4,14 +4,14 @@ interfaces:
|
|||
|
||||
loc_home_nounou:
|
||||
mounts:
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /home_nounou
|
||||
target: /home_nounou
|
||||
name: home_nounou
|
||||
owner: root
|
||||
group: _user
|
||||
mode: '0750'
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /rpool/backup
|
||||
target: /backup
|
||||
name: backup
|
||||
|
|
|
@ -4,14 +4,14 @@ interfaces:
|
|||
|
||||
loc_home_nounou:
|
||||
mounts:
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /home_nounou
|
||||
target: /home_nounou
|
||||
name: home_nounou
|
||||
owner: root
|
||||
group: _user
|
||||
mode: '0750'
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
mountpoint: /rpool/backup
|
||||
target: /backup
|
||||
name: backup
|
||||
|
|
|
@ -12,9 +12,9 @@ loc_wireguard:
|
|||
peers:
|
||||
- public_key: "{{ vault.wireguard.sputnik.pubkey }}"
|
||||
allowed_ips:
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}/32"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }}/128"
|
||||
endpoint: "{{ query('ldap', 'ip', 'sputnik', 'srv') | ipv4 | first }}:51820"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}/32"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv6 | first }}/128"
|
||||
endpoint: "{{ query('ldap', 'ip', 'sputnik', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||
post_up:
|
||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||
- "sysctl -w net.ipv6.conf.%i.proxy_ndp=1"
|
||||
|
@ -63,7 +63,7 @@ loc_wireguard:
|
|||
loc_service_proxy:
|
||||
config:
|
||||
ldap:
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
protocol: "proxy"
|
||||
filter: "adm.crans.org"
|
||||
proxy:
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'daniel', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'daniel', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 2
|
||||
|
||||
loc_postgres:
|
||||
version: 13
|
||||
replica: true
|
||||
addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ipaddr('address') }}"
|
||||
addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||
|
||||
loc_service_proxmox_user:
|
||||
cron: null
|
||||
|
|
|
@ -6,6 +6,6 @@ loc_borg:
|
|||
- /var
|
||||
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 6
|
||||
|
|
|
@ -5,4 +5,4 @@ interfaces:
|
|||
lp: ens20
|
||||
|
||||
loc_snmp_exporter:
|
||||
listen_address: "{{ query('ldap', 'ip', 'helloworld', 'adm') | ipv4 | first }}:9116"
|
||||
listen_address: "{{ query('ldap', 'ip', 'helloworld', 'adm') | ansible.utils.ipv4 | first }}:9116"
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
---
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'jack', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'jack', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 3
|
||||
|
||||
loc_postgres:
|
||||
version: 13
|
||||
replica: true
|
||||
addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ipaddr('address') }}"
|
||||
addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||
|
||||
loc_service_proxmox_user:
|
||||
cron: null
|
||||
|
|
|
@ -4,4 +4,4 @@ interfaces:
|
|||
srv_nat: eth1
|
||||
|
||||
loc_re2o_ldap_replica:
|
||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ipv4 | first }}:636"
|
||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ansible.utils.ipv4 | first }}:636"
|
||||
|
|
|
@ -14,7 +14,7 @@ loc_wireguard:
|
|||
allowed_ips:
|
||||
- "{{ query('ldap', 'network', 'adm') }}"
|
||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51821"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51821"
|
||||
persistent_keepalive: 25
|
||||
post_up:
|
||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||
|
@ -29,7 +29,7 @@ loc_wireguard:
|
|||
loc_service_proxy:
|
||||
config:
|
||||
ldap:
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
protocol: "proxy"
|
||||
filter: "adm.crans.org"
|
||||
proxy:
|
||||
|
|
|
@ -14,7 +14,7 @@ loc_wireguard:
|
|||
allowed_ips:
|
||||
- "{{ query('ldap', 'network', 'adm') }}"
|
||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51822"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51822"
|
||||
persistent_keepalive: 25
|
||||
post_up:
|
||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||
|
@ -30,7 +30,7 @@ loc_wireguard:
|
|||
loc_service_proxy:
|
||||
config:
|
||||
ldap:
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||
protocol: "proxy"
|
||||
filter: "adm.crans.org"
|
||||
proxy:
|
||||
|
|
|
@ -6,11 +6,11 @@ loc_borg:
|
|||
- /var
|
||||
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'sam', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'sam', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 1
|
||||
|
||||
loc_postgres:
|
||||
version: 13
|
||||
replica: true
|
||||
addresses: "['sam.adm.crans.org'] + {{ query('ldap', 'ip', 'sam', 'adm') | ipaddr('address') }}"
|
||||
addresses: "['sam.adm.crans.org'] + {{ query('ldap', 'ip', 'sam', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||
|
|
|
@ -12,8 +12,8 @@ loc_wireguard:
|
|||
tunnels:
|
||||
- name: "sputnik"
|
||||
addresses:
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}/24"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }}/64"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}/24"
|
||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv6 | first }}/64"
|
||||
listen_port: 51820
|
||||
private_key: "{{ vault.wireguard.sputnik.privkey }}"
|
||||
peers:
|
||||
|
@ -21,12 +21,12 @@ loc_wireguard:
|
|||
allowed_ips:
|
||||
- "{{ query('ldap', 'network', 'adm') }}"
|
||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51820"
|
||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||
post_up:
|
||||
- "/sbin/ip link set sputnik alias adm"
|
||||
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 4
|
||||
|
||||
|
|
|
@ -27,13 +27,13 @@ loc_postgres:
|
|||
- {db: mailman3web, user: mailman3web}
|
||||
- {db: all, user: all, subnets: ['127.0.0.1/32', '::1/128'], local: true}
|
||||
- {db: replication, user: replication, local: true}
|
||||
addresses: "['tealc.adm.crans.org'] + {{ query('ldap', 'ip', 'tealc', 'adm') | ipaddr('address') }}"
|
||||
addresses: "['tealc.adm.crans.org'] + {{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||
backup:
|
||||
dir: /var/local/db-backup
|
||||
frequency: "{{ 60 | random(seed=inventory_hostname) }} {{ ((24 | random(seed=inventory_hostname))+12)%24 }} * * *"
|
||||
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: false
|
||||
|
||||
loc_borg:
|
||||
|
|
|
@ -6,6 +6,6 @@ loc_borg:
|
|||
- /var
|
||||
|
||||
loc_slapd:
|
||||
ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
||||
ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||
replica: true
|
||||
replica_rid: 5
|
||||
|
|
|
@ -11,8 +11,8 @@ loc_wireguard:
|
|||
peers:
|
||||
- public_key: "{{ vault.wireguard.charybde.pubkey }}"
|
||||
allowed_ips:
|
||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ipv4 | first }}/32"
|
||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }}/128"
|
||||
endpoint: "{{ query('ldap', 'ip', 'freebox', 'srv') | ipv4 | first }}:51820"
|
||||
post_up: "sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.gulp.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.gulp.proxy_ndp=1; ip neigh add proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }} dev ens18"
|
||||
post_down: "sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.gulp.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.gulp.proxy_ndp=0; ip neigh delete proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }} dev ens18"
|
||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv4 | first }}/32"
|
||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }}/128"
|
||||
endpoint: "{{ query('ldap', 'ip', 'freebox', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||
post_up: "sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.gulp.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.gulp.proxy_ndp=1; ip neigh add proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18"
|
||||
post_down: "sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.gulp.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.gulp.proxy_ndp=0; ip neigh delete proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18"
|
||||
|
|
|
@ -379,7 +379,7 @@ class LookupModule(LookupBase):
|
|||
prefixv6: "{{ lookup('re2oapi', 'previxv6', 'adherents', 'adm') }}"
|
||||
tasks:
|
||||
- debug:
|
||||
msg: "{{ prefixv6 | ipwrap }}"
|
||||
msg: "{{ prefixv6 | ansible.utils.ipwrap }}"
|
||||
|
||||
The following will get the ip addresses of all servers with role
|
||||
dns-authorithary-master on vlan 2.
|
||||
|
|
|
@ -11,14 +11,14 @@ $TTL 0
|
|||
)
|
||||
|
||||
@ IN NS passerelle.infra.crans.org
|
||||
passerelle.infra.crans.org IN A {{ (query('ldap', 'ip', 'passerelle', 'infra') | ipv4)[0] }}
|
||||
passerelle.infra.crans.org IN A {{ (query('ldap', 'ip', 'passerelle', 'infra') | ansible.utils.ipv4)[0] }}
|
||||
|
||||
* IN CNAME crans.org
|
||||
*.org IN CNAME crans.org
|
||||
*.fr IN CNAME crans.org
|
||||
*.com IN CNAME crans.org
|
||||
|
||||
intranet.crans.org IN A 172.16.32.156 ; (query('ldap', 'ip', 'intranet', 'infra') | ipv4)[0]
|
||||
intranet.crans.org IN A 172.16.32.156 ; (query('ldap', 'ip', 'intranet', 'infra') | ansible.utils.ipv4)[0]
|
||||
intranet.infra.crans.org IN A 172.16.32.156
|
||||
|
||||
unifi.infra.crans.org IN A {{ (query('ldap', 'ip', 'unifi', 'infra') | ipv4)[0] }}
|
||||
unifi.infra.crans.org IN A {{ (query('ldap', 'ip', 'unifi', 'infra') | ansible.utils.ipv4)[0] }}
|
||||
|
|
|
@ -35,7 +35,7 @@ include "./dhcp-failover.conf";
|
|||
|
||||
|
||||
{% for subnet in dhcp.subnets %}
|
||||
subnet {{ subnet.network | ipaddr('network') }} netmask {{ subnet.network | ipaddr('netmask') }} {
|
||||
subnet {{ subnet.network | ansible.utils.netaddr('network') }} netmask {{ subnet.network | ansible.utils.netaddr('netmask') }} {
|
||||
interface "{{ interfaces[subnet.vlan] }}";
|
||||
{% if subnet.default_lease_time is defined %}
|
||||
default-lease-time {{ subnet.default_lease_time }};
|
||||
|
@ -43,8 +43,8 @@ subnet {{ subnet.network | ipaddr('network') }} netmask {{ subnet.network | ipad
|
|||
{% if subnet.max_lease_time is defined %}
|
||||
max-lease-time {{ subnet.max_lease_time }};
|
||||
{% endif %}
|
||||
option subnet-mask {{ subnet.network | ipaddr('netmask') }};
|
||||
option broadcast-address {{ subnet.network | ipaddr('broadcast') }};
|
||||
option subnet-mask {{ subnet.network | ansible.utils.netaddr('netmask') }};
|
||||
option broadcast-address {{ subnet.network | ansible.utils.netaddr('broadcast') }};
|
||||
{% if subnet.routers is defined %}
|
||||
option routers {{ subnet.routers }};
|
||||
{% endif %}
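Review bot: `ansible.utils.netaddr` on the `subnet … netmask …` line, and on the `option subnet-mask` and `option broadcast-address` lines of the second hunk, looks like a typo. Every other file in this commit maps `ipaddr(...)` to `ansible.utils.ipaddr(...)`, and as far as I know the ansible.utils collection ships no `netaddr` filter; netaddr is the Python library those filters depend on. Rendering this dhcpd template would then most likely stop with an unknown-filter error, so the DHCP role could not be deployed. The three lines should use `ansible.utils.ipaddr('network')`, `ansible.utils.ipaddr('netmask')` and `ansible.utils.ipaddr('broadcast')`, matching the keepalived, interfaces and ntp templates. Rendering the template once in check mode before merging would confirm the fix.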
|
||||
|
|
|
@ -24,7 +24,7 @@ vrrp_instance {{ instance.name }} {
|
|||
virtual_ipaddress {
|
||||
{% for zone in keepalived.pool[instance.name].zones %}
|
||||
{% if zone.brd is undefined or zone.brd %}
|
||||
{{ zone.ipv4 }} brd {{ zone.ipv4 | ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
|
||||
{{ zone.ipv4 }} brd {{ zone.ipv4 | ansible.utils.ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
|
||||
{% else %}
|
||||
{{ zone.ipv4 }} dev {{ interfaces[zone.vlan] }} scope global
|
||||
{% endif %}
|
||||
|
|
|
@ -6,13 +6,13 @@ auto {{ interfaces[item.name] }}
|
|||
iface {{ interfaces[item.name] }} inet dhcp
|
||||
iface {{ interfaces[item.name] }} inet6 auto
|
||||
{% else %}
|
||||
{% set subnet_network = (query('ldap', 'network', vlan_name) | ipaddr('network')) %}
|
||||
{% set subnet_netmask = (query('ldap', 'network', vlan_name) | ipaddr('netmask')) %}
|
||||
{% set subnet_network = (query('ldap', 'network', vlan_name) | ansible.utils.ipaddr('network')) %}
|
||||
{% set subnet_netmask = (query('ldap', 'network', vlan_name) | ansible.utils.ipaddr('netmask')) %}
|
||||
{% set ips = query('ldap', 'ip', ansible_hostname, vlan_name) %}
|
||||
{% if (ips | ipv4 | length) > 0 %}
|
||||
{% if (ips | ansible.utils.ipv4 | length) > 0 %}
|
||||
auto {{ interfaces[item.name] }}
|
||||
iface {{ interfaces[item.name] }} inet static
|
||||
{% for ip in (ips | ipv4) %}
|
||||
{% for ip in (ips | ansible.utils.ipv4) %}
|
||||
address {{ ip }}
|
||||
{% endfor %}
|
||||
network {{ subnet_network }}
|
||||
|
@ -46,9 +46,9 @@ iface {{ interfaces[item.name] }} inet static
|
|||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
{% if (ips | ipv6 | length) > 0 %}
|
||||
{% if (ips | ansible.utils.ipv6 | length) > 0 %}
|
||||
iface {{ interfaces[item.name] }} inet6 static
|
||||
{% for ip in (ips | ipv6) %}
|
||||
{% for ip in (ips | ansible.utils.ipv6) %}
|
||||
address {{ ip }}/64
|
||||
{% endfor %}
|
||||
{% if item.gateway_v6 is defined %}
|
||||
|
|
|
@ -45,7 +45,7 @@ restrict source notrap nomodify noquery
|
|||
|
||||
# Server on adm can sync
|
||||
{% for cidr in ntp_server.open %}
|
||||
restrict {{ cidr | ipaddr('network') }} mask {{ cidr | ipaddr('netmask') }} notrap nomodify
|
||||
restrict {{ cidr | ansible.utils.ipaddr('network') }} mask {{ cidr | ansible.utils.ipaddr('netmask') }} notrap nomodify
|
||||
{% endfor %}
|
||||
|
||||
# Clients from this (example!) subnet have unlimited access, but only if
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
{% if postfix.primary or postfix.secondary %}
|
||||
# Les mailing-listes sont delivrees sur un serveur à part
|
||||
lists.crans.org smtp:[{{ query('ldap', 'ip', 'mailman', 'adm') | ipv4 | first }}]
|
||||
lists.crans.org smtp:[{{ query('ldap', 'ip', 'mailman', 'adm') | ansible.utils.ipv4 | first }}]
|
||||
# C'est le serveur des adherents qui fait les livraisons des
|
||||
# adresses clubs et adherents
|
||||
crans.org smtp:[users.adm.crans.org]
|
||||
|
|
|
@ -7,7 +7,7 @@ server {
|
|||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
server_name {{ (query('ldap', 'ip', 're2o', 'adm') | ipv4)[0] }} re2o.adm.crans.org intranet.crans.org intranet.infra.crans.org; # Modify this value according to your infrastructure.
|
||||
server_name {{ (query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv4)[0] }} re2o.adm.crans.org intranet.crans.org intranet.infra.crans.org; # Modify this value according to your infrastructure.
|
||||
charset utf-8;
|
||||
|
||||
server_tokens off;
|
||||
|
|