ip → ansible.utils.ip
parent
55e1fdc184
commit
a0ac6e7293
|
|
@ -4,7 +4,7 @@ glob_adh:
|
||||||
listen_local:
|
listen_local:
|
||||||
- "127.0.0.1:80"
|
- "127.0.0.1:80"
|
||||||
- "[::1]:80"
|
- "[::1]:80"
|
||||||
listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap }}"
|
listen_network: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap }}"
|
||||||
club_vhosts:
|
club_vhosts:
|
||||||
- from: pot-vieux.crans.org
|
- from: pot-vieux.crans.org
|
||||||
to: club-vieux/www
|
to: club-vieux/www
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
glob_home_nounou:
|
glob_home_nounou:
|
||||||
mounts:
|
mounts:
|
||||||
- ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /pool/home
|
mountpoint: /pool/home
|
||||||
target: /home_nounou
|
target: /home_nounou
|
||||||
name: home_nounou
|
name: home_nounou
|
||||||
|
|
|
||||||
|
|
@ -3,31 +3,31 @@ glob_network_interfaces:
|
||||||
vlan:
|
vlan:
|
||||||
- name: srv
|
- name: srv
|
||||||
id: 2
|
id: 2
|
||||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv4 | first }}"
|
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv4 | first }}"
|
||||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv4 | first }}"
|
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv4 | first }}"
|
||||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ipv6 | first }}"
|
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv') | ansible.utils.ipv6 | first }}"
|
||||||
- name: srv_nat
|
- name: srv_nat
|
||||||
id: 3
|
id: 3
|
||||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv4 | first }}"
|
gateway: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv4 | first }}"
|
||||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv4 | first }}"
|
dns: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv4 | first }}"
|
||||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ipv6 | first }}"
|
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'srv-nat') | ansible.utils.ipv6 | first }}"
|
||||||
- name: san
|
- name: san
|
||||||
id: 4
|
id: 4
|
||||||
extra:
|
extra:
|
||||||
- "mtu 9000"
|
- "mtu 9000"
|
||||||
- name: adm
|
- name: adm
|
||||||
id: 10
|
id: 10
|
||||||
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ipv4 | first }}"
|
dns: "{{ query('ldap', 'ip', 'routeur-sam', 'adm') | ansible.utils.ipv4 | first }} {{ query('ldap', 'ip', 'routeur-daniel', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
- name: adh
|
- name: adh
|
||||||
id: 12
|
id: 12
|
||||||
gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv4 | first }}"
|
gateway: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"
|
||||||
dns: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv4 | first }}"
|
dns: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv4 | first }}"
|
||||||
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ipv6 | first }}"
|
gateway_v6: "{{ query('ldap', 'ip', 'passerelle', 'adh') | ansible.utils.ipv6 | first }}"
|
||||||
- name: adh_adm
|
- name: adh_adm
|
||||||
id: 13
|
id: 13
|
||||||
- name: renater
|
- name: renater
|
||||||
id: 38
|
id: 38
|
||||||
gateway: "{{ query('ldap', 'ip', 'dsi', 'renater') | ipv4 | first }}"
|
gateway: "{{ query('ldap', 'ip', 'dsi', 'renater') | ansible.utils.ipv4 | first }}"
|
||||||
- name: lp
|
- name: lp
|
||||||
id: 56
|
id: 56
|
||||||
- name: auto
|
- name: auto
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
glob_prometheus_nginx_exporter:
|
glob_prometheus_nginx_exporter:
|
||||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
glob_prometheus_node_exporter:
|
glob_prometheus_node_exporter:
|
||||||
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
listen_addr: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
glob_rsyslog_client:
|
glob_rsyslog_client:
|
||||||
server: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
server: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
loc_home_nounou:
|
loc_home_nounou:
|
||||||
mounts:
|
mounts:
|
||||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /home_nounou
|
mountpoint: /home_nounou
|
||||||
target: /home_nounou
|
target: /home_nounou
|
||||||
name: home_nounou
|
name: home_nounou
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
loc_ldap:
|
loc_ldap:
|
||||||
servers:
|
servers:
|
||||||
- "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
- "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -8,14 +8,14 @@ glob_constellation:
|
||||||
- 'intranet.crans.org'
|
- 'intranet.crans.org'
|
||||||
email:
|
email:
|
||||||
ssl: false
|
ssl: false
|
||||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 25
|
port: 25
|
||||||
user: ''
|
user: ''
|
||||||
password: ''
|
password: ''
|
||||||
from: "root@crans.org"
|
from: "root@crans.org"
|
||||||
from_full: "Crans <root@crans.org>"
|
from_full: "Crans <root@crans.org>"
|
||||||
database:
|
database:
|
||||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 5432
|
port: 5432
|
||||||
user: 'constellation'
|
user: 'constellation'
|
||||||
password: "{{ vault.constellation.django_db_password }}"
|
password: "{{ vault.constellation.django_db_password }}"
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@ glob_django_cas:
|
||||||
secret_key: "{{ vault.cas.secret_key }}"
|
secret_key: "{{ vault.cas.secret_key }}"
|
||||||
mail:
|
mail:
|
||||||
address: 'root@crans.org'
|
address: 'root@crans.org'
|
||||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 25
|
port: 25
|
||||||
|
|
||||||
loc_nginx:
|
loc_nginx:
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
---
|
---
|
||||||
glob_dovecot:
|
glob_dovecot:
|
||||||
ldap:
|
ldap:
|
||||||
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ipv4 | first }}/"
|
uri: "ldap://{{ query('ldap', 'ip', 're2o-ldap', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
|
dn: 'cn=dovecot,ou=service-users,dc=crans,dc=org'
|
||||||
pass: "{{ vault.dovecot_dnpass }}"
|
pass: "{{ vault.dovecot_dnpass }}"
|
||||||
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
|
users_base: 'cn=Utilisateurs,dc=crans,dc=org'
|
||||||
home_path: '/home_adh'
|
home_path: '/home_adh'
|
||||||
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap | join(', ') }}"
|
inet_listener: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap | join(', ') }}"
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
glob_ethercalc:
|
glob_ethercalc:
|
||||||
ip: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -19,5 +19,5 @@ glob_horde:
|
||||||
admin_dest_hostname: webmail.adm.crans.org
|
admin_dest_hostname: webmail.adm.crans.org
|
||||||
zone_ipv4: 172.16.10.0/24
|
zone_ipv4: 172.16.10.0/24
|
||||||
zone_ipv6: fd00:0:0:10::/64
|
zone_ipv6: fd00:0:0:10::/64
|
||||||
ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv4 | first }}"
|
ipv4: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
ipv6: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipv6 | first }}"
|
ipv6: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipv6 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
glob_keepalived:
|
glob_keepalived:
|
||||||
mail_source: keepalived@crans.org
|
mail_source: keepalived@crans.org
|
||||||
mail_destination: root@crans.org
|
mail_destination: root@crans.org
|
||||||
smtp_server: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
smtp_server: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
routeur_id: "{{ ansible_hostname }}"
|
routeur_id: "{{ ansible_hostname }}"
|
||||||
pool:
|
pool:
|
||||||
VI_ALL:
|
VI_ALL:
|
||||||
|
|
|
||||||
|
|
@ -57,13 +57,13 @@ glob_mailman3:
|
||||||
database:
|
database:
|
||||||
user: "mailman3"
|
user: "mailman3"
|
||||||
pass: "{{ vault.mailman3.database.pass }}"
|
pass: "{{ vault.mailman3.database.pass }}"
|
||||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 5432
|
port: 5432
|
||||||
name: "mailman3"
|
name: "mailman3"
|
||||||
web_database:
|
web_database:
|
||||||
user: "mailman3web"
|
user: "mailman3web"
|
||||||
pass: "{{ vault.mailman3.web_database.pass }}"
|
pass: "{{ vault.mailman3.web_database.pass }}"
|
||||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 5432
|
port: 5432
|
||||||
name: "mailman3web"
|
name: "mailman3web"
|
||||||
restadmin_pass: "{{ vault.mailman3.restadmin_pass }}"
|
restadmin_pass: "{{ vault.mailman3.restadmin_pass }}"
|
||||||
|
|
|
||||||
|
|
@ -8,14 +8,14 @@ glob_printer:
|
||||||
- 'imprimante.crans.org'
|
- 'imprimante.crans.org'
|
||||||
email:
|
email:
|
||||||
ssl: false
|
ssl: false
|
||||||
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'redisdead', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 25
|
port: 25
|
||||||
user: ''
|
user: ''
|
||||||
password: ''
|
password: ''
|
||||||
from: "root@crans.org"
|
from: "root@crans.org"
|
||||||
from_full: "Crans <root@crans.org>"
|
from_full: "Crans <root@crans.org>"
|
||||||
database:
|
database:
|
||||||
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
host: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
port: 5432
|
port: 5432
|
||||||
user: 'helloworld'
|
user: 'helloworld'
|
||||||
password: "{{ vault.printer.django_db_password }}"
|
password: "{{ vault.printer.django_db_password }}"
|
||||||
|
|
@ -27,9 +27,9 @@ glob_printer:
|
||||||
note_id: 2088
|
note_id: 2088
|
||||||
note_alias: 'Crans'
|
note_alias: 'Crans'
|
||||||
printer_name: 'Lexmark_X950_Series'
|
printer_name: 'Lexmark_X950_Series'
|
||||||
domain: "{{ query('ldap', 'ip', 'printer', 'lp') | ipv4 | first }}"
|
domain: "{{ query('ldap', 'ip', 'printer', 'lp') | ansible.utils.ipv4 | first }}"
|
||||||
scan_server:
|
scan_server:
|
||||||
address: "{{ query('ldap', 'ip', ansible_hostname, 'lp') | ipv4 | first }}"
|
address: "{{ query('ldap', 'ip', ansible_hostname, 'lp') | ansible.utils.ipv4 | first }}"
|
||||||
port: 9751
|
port: 9751
|
||||||
debug: false
|
debug: false
|
||||||
owner: www-data
|
owner: www-data
|
||||||
|
|
@ -38,7 +38,7 @@ glob_printer:
|
||||||
settings_local_owner: www-data
|
settings_local_owner: www-data
|
||||||
settings_local_group: _nounou
|
settings_local_group: _nounou
|
||||||
ldap:
|
ldap:
|
||||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
dn_template: uid=%(user)s,ou=passwd,dc=crans,dc=org
|
dn_template: uid=%(user)s,ou=passwd,dc=crans,dc=org
|
||||||
group_search: ou=group,dc=crans,dc=org
|
group_search: ou=group,dc=crans,dc=org
|
||||||
read_group: cn=_user,ou=group,dc=crans,dc=org
|
read_group: cn=_user,ou=group,dc=crans,dc=org
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
---
|
---
|
||||||
glob_re2o_front:
|
glob_re2o_front:
|
||||||
server_names:
|
server_names:
|
||||||
- "{{ query('ldap', 'ip', 're2o', 'adm') | ipv4 | first }}"
|
- "{{ query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
- "[{{ query('ldap', 'ip', 're2o', 'adm') | ipv6 | first }}]"
|
- "[{{ query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv6 | first }}]"
|
||||||
- re2o.adm.crans.org
|
- re2o.adm.crans.org
|
||||||
- intranet.adm.crans.org
|
- intranet.adm.crans.org
|
||||||
- re2o.crans.org
|
- re2o.crans.org
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
glob_re2o_ldap:
|
glob_re2o_ldap:
|
||||||
suffix: dc=crans,dc=org
|
suffix: dc=crans,dc=org
|
||||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ipv4 | first }}:636"
|
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ansible.utils.ipv4 | first }}:636"
|
||||||
root_password_hash: "{{ vault.slapd.re2o.admin.bindpass_hash }}"
|
root_password_hash: "{{ vault.slapd.re2o.admin.bindpass_hash }}"
|
||||||
certificate: "{{ vault.slapd.re2o.certificate }}"
|
certificate: "{{ vault.slapd.re2o.certificate }}"
|
||||||
private_key: "{{ vault.slapd.re2o.private_key }}"
|
private_key: "{{ vault.slapd.re2o.private_key }}"
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,7 @@ loc_nginx:
|
||||||
service_name: "roundcube"
|
service_name: "roundcube"
|
||||||
ssl: []
|
ssl: []
|
||||||
servers:
|
servers:
|
||||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||||
default: true
|
default: true
|
||||||
root: "/var/lib/roundcube"
|
root: "/var/lib/roundcube"
|
||||||
locations:
|
locations:
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
glob_slapd:
|
glob_slapd:
|
||||||
master_ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
master_ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
regex: "^(role:(dhcp|dns|dns-primary|dns-secondary|ftp|gitlab|miroir|ntp|pve|radius|backup)|ecdsa-sha2-nistp256:.*|ssh-(ed25519|dss|rsa):.*|description:.*|location:.*)$"
|
regex: "^(role:(dhcp|dns|dns-primary|dns-secondary|ftp|gitlab|miroir|ntp|pve|radius|backup)|ecdsa-sha2-nistp256:.*|ssh-(ed25519|dss|rsa):.*|description:.*|location:.*)$"
|
||||||
replication_credentials: "{{ vault.slapd.tealc.replication_credentials }}"
|
replication_credentials: "{{ vault.slapd.tealc.replication_credentials }}"
|
||||||
private_key: "{{ vault.slapd.tealc.private_key }}"
|
private_key: "{{ vault.slapd.tealc.private_key }}"
|
||||||
|
|
|
||||||
|
|
@ -4,17 +4,17 @@ glob_sssd:
|
||||||
domain: tealc.adm.crans.org
|
domain: tealc.adm.crans.org
|
||||||
enumerate: "true"
|
enumerate: "true"
|
||||||
servers:
|
servers:
|
||||||
- "ldaps://{{ query('ldap','ip','tealc','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','tealc','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
- "ldaps://{{ query('ldap','ip','sam','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','sam','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
- "ldaps://{{ query('ldap','ip','daniel','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','daniel','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
- "ldaps://{{ query('ldap','ip','jack','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','jack','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
base: "dc=crans,dc=org"
|
base: "dc=crans,dc=org"
|
||||||
secondary:
|
secondary:
|
||||||
domain: re2o-ldap.adm.crans.org
|
domain: re2o-ldap.adm.crans.org
|
||||||
enumerate: "false"
|
enumerate: "false"
|
||||||
servers:
|
servers:
|
||||||
- "ldaps://{{ query('ldap','ip','re2o-ldap','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','re2o-ldap','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
- "ldaps://{{ query('ldap','ip','terenez','adm') | ipv4 | first }}/"
|
- "ldaps://{{ query('ldap','ip','terenez','adm') | ansible.utils.ipv4 | first }}/"
|
||||||
base: "dc=crans,dc=org"
|
base: "dc=crans,dc=org"
|
||||||
bind:
|
bind:
|
||||||
dn: "{{ vault.sssd.secondary_ldap.binddn }}"
|
dn: "{{ vault.sssd.secondary_ldap.binddn }}"
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
loc_home_nounou:
|
loc_home_nounou:
|
||||||
mounts:
|
mounts:
|
||||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /home_nounou
|
mountpoint: /home_nounou
|
||||||
target: /home_nounou
|
target: /home_nounou
|
||||||
name: home_nounou
|
name: home_nounou
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
---
|
---
|
||||||
loc_ldap:
|
loc_ldap:
|
||||||
servers:
|
servers:
|
||||||
- "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
- "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@ glob_service_proxmox_user:
|
||||||
config:
|
config:
|
||||||
ldap:
|
ldap:
|
||||||
admin:
|
admin:
|
||||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
userBase: "ou=passwd,dc=crans,dc=org"
|
userBase: "ou=passwd,dc=crans,dc=org"
|
||||||
realm: "pam"
|
realm: "pam"
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|
|
||||||
|
|
@ -12,11 +12,11 @@ glob_service_proxmox_user:
|
||||||
config:
|
config:
|
||||||
ldap:
|
ldap:
|
||||||
admin:
|
admin:
|
||||||
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
uri: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
userBase: "ou=passwd,dc=crans,dc=org"
|
userBase: "ou=passwd,dc=crans,dc=org"
|
||||||
realm: "pam"
|
realm: "pam"
|
||||||
user:
|
user:
|
||||||
uri: "ldaps://{{ query('ldap', 'ip', 'flirt', 'adm') | ipv4 | first }}/"
|
uri: "ldaps://{{ query('ldap', 'ip', 'flirt', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
userBase: "ou=users,dc=adh,dc=crans,dc=org"
|
userBase: "ou=users,dc=adh,dc=crans,dc=org"
|
||||||
realm: "pve"
|
realm: "pve"
|
||||||
binddn: "{{ vault.ldap_adh_reader.binddn }}"
|
binddn: "{{ vault.ldap_adh_reader.binddn }}"
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ loc_nginx:
|
||||||
service_name: wiki
|
service_name: wiki
|
||||||
ssl: []
|
ssl: []
|
||||||
servers:
|
servers:
|
||||||
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
- server_name: "{{ query('ldap', 'ip', ansible_hostname, 'adm') | ansible.utils.ipwrap + [ansible_hostname, ansible_hostname + '.adm.crans.org'] }}"
|
||||||
default: true
|
default: true
|
||||||
access_log: "/var/log/nginx/wiki.log combined"
|
access_log: "/var/log/nginx/wiki.log combined"
|
||||||
error_log: "/var/log/nginx/wiki.error.log"
|
error_log: "/var/log/nginx/wiki.error.log"
|
||||||
|
|
|
||||||
|
|
@ -4,14 +4,14 @@ interfaces:
|
||||||
|
|
||||||
loc_home_nounou:
|
loc_home_nounou:
|
||||||
mounts:
|
mounts:
|
||||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /home_nounou
|
mountpoint: /home_nounou
|
||||||
target: /home_nounou
|
target: /home_nounou
|
||||||
name: home_nounou
|
name: home_nounou
|
||||||
owner: root
|
owner: root
|
||||||
group: _user
|
group: _user
|
||||||
mode: '0750'
|
mode: '0750'
|
||||||
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /rpool/backup
|
mountpoint: /rpool/backup
|
||||||
target: /backup
|
target: /backup
|
||||||
name: backup
|
name: backup
|
||||||
|
|
|
||||||
|
|
@ -4,14 +4,14 @@ interfaces:
|
||||||
|
|
||||||
loc_home_nounou:
|
loc_home_nounou:
|
||||||
mounts:
|
mounts:
|
||||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /home_nounou
|
mountpoint: /home_nounou
|
||||||
target: /home_nounou
|
target: /home_nounou
|
||||||
name: home_nounou
|
name: home_nounou
|
||||||
owner: root
|
owner: root
|
||||||
group: _user
|
group: _user
|
||||||
mode: '0750'
|
mode: '0750'
|
||||||
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
- ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
mountpoint: /rpool/backup
|
mountpoint: /rpool/backup
|
||||||
target: /backup
|
target: /backup
|
||||||
name: backup
|
name: backup
|
||||||
|
|
|
||||||
|
|
@ -12,9 +12,9 @@ loc_wireguard:
|
||||||
peers:
|
peers:
|
||||||
- public_key: "{{ vault.wireguard.sputnik.pubkey }}"
|
- public_key: "{{ vault.wireguard.sputnik.pubkey }}"
|
||||||
allowed_ips:
|
allowed_ips:
|
||||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}/32"
|
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}/32"
|
||||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }}/128"
|
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv6 | first }}/128"
|
||||||
endpoint: "{{ query('ldap', 'ip', 'sputnik', 'srv') | ipv4 | first }}:51820"
|
endpoint: "{{ query('ldap', 'ip', 'sputnik', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||||
post_up:
|
post_up:
|
||||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||||
- "sysctl -w net.ipv6.conf.%i.proxy_ndp=1"
|
- "sysctl -w net.ipv6.conf.%i.proxy_ndp=1"
|
||||||
|
|
@ -63,7 +63,7 @@ loc_wireguard:
|
||||||
loc_service_proxy:
|
loc_service_proxy:
|
||||||
config:
|
config:
|
||||||
ldap:
|
ldap:
|
||||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
protocol: "proxy"
|
protocol: "proxy"
|
||||||
filter: "adm.crans.org"
|
filter: "adm.crans.org"
|
||||||
proxy:
|
proxy:
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'daniel', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'daniel', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 2
|
replica_rid: 2
|
||||||
|
|
||||||
loc_postgres:
|
loc_postgres:
|
||||||
version: 13
|
version: 13
|
||||||
replica: true
|
replica: true
|
||||||
addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ipaddr('address') }}"
|
addresses: "['daniel.adm.crans.org'] + {{ query('ldap', 'ip', 'daniel', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||||
|
|
||||||
loc_service_proxmox_user:
|
loc_service_proxmox_user:
|
||||||
cron: null
|
cron: null
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,6 @@ loc_borg:
|
||||||
- /var
|
- /var
|
||||||
|
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'ft', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 6
|
replica_rid: 6
|
||||||
|
|
|
||||||
|
|
@ -5,4 +5,4 @@ interfaces:
|
||||||
lp: ens20
|
lp: ens20
|
||||||
|
|
||||||
loc_snmp_exporter:
|
loc_snmp_exporter:
|
||||||
listen_address: "{{ query('ldap', 'ip', 'helloworld', 'adm') | ipv4 | first }}:9116"
|
listen_address: "{{ query('ldap', 'ip', 'helloworld', 'adm') | ansible.utils.ipv4 | first }}:9116"
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'jack', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'jack', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 3
|
replica_rid: 3
|
||||||
|
|
||||||
loc_postgres:
|
loc_postgres:
|
||||||
version: 13
|
version: 13
|
||||||
replica: true
|
replica: true
|
||||||
addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ipaddr('address') }}"
|
addresses: "['jack.adm.crans.org'] + {{ query('ldap', 'ip', 'jack', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||||
|
|
||||||
loc_service_proxmox_user:
|
loc_service_proxmox_user:
|
||||||
cron: null
|
cron: null
|
||||||
|
|
|
||||||
|
|
@ -4,4 +4,4 @@ interfaces:
|
||||||
srv_nat: eth1
|
srv_nat: eth1
|
||||||
|
|
||||||
loc_re2o_ldap_replica:
|
loc_re2o_ldap_replica:
|
||||||
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ipv4 | first }}:636"
|
url: "ldaps://{{ query('ldap', 'ip', 'yson-partou', 'adm') | ansible.utils.ipv4 | first }}:636"
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@ loc_wireguard:
|
||||||
allowed_ips:
|
allowed_ips:
|
||||||
- "{{ query('ldap', 'network', 'adm') }}"
|
- "{{ query('ldap', 'network', 'adm') }}"
|
||||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51821"
|
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51821"
|
||||||
persistent_keepalive: 25
|
persistent_keepalive: 25
|
||||||
post_up:
|
post_up:
|
||||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||||
|
|
@ -29,7 +29,7 @@ loc_wireguard:
|
||||||
loc_service_proxy:
|
loc_service_proxy:
|
||||||
config:
|
config:
|
||||||
ldap:
|
ldap:
|
||||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
protocol: "proxy"
|
protocol: "proxy"
|
||||||
filter: "adm.crans.org"
|
filter: "adm.crans.org"
|
||||||
proxy:
|
proxy:
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@ loc_wireguard:
|
||||||
allowed_ips:
|
allowed_ips:
|
||||||
- "{{ query('ldap', 'network', 'adm') }}"
|
- "{{ query('ldap', 'network', 'adm') }}"
|
||||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51822"
|
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51822"
|
||||||
persistent_keepalive: 25
|
persistent_keepalive: 25
|
||||||
post_up:
|
post_up:
|
||||||
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
- "sysctl -w net.ipv4.conf.%i.proxy_arp=1"
|
||||||
|
|
@ -30,7 +30,7 @@ loc_wireguard:
|
||||||
loc_service_proxy:
|
loc_service_proxy:
|
||||||
config:
|
config:
|
||||||
ldap:
|
ldap:
|
||||||
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
|
server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}/"
|
||||||
protocol: "proxy"
|
protocol: "proxy"
|
||||||
filter: "adm.crans.org"
|
filter: "adm.crans.org"
|
||||||
proxy:
|
proxy:
|
||||||
|
|
|
||||||
|
|
@ -6,11 +6,11 @@ loc_borg:
|
||||||
- /var
|
- /var
|
||||||
|
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'sam', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'sam', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 1
|
replica_rid: 1
|
||||||
|
|
||||||
loc_postgres:
|
loc_postgres:
|
||||||
version: 13
|
version: 13
|
||||||
replica: true
|
replica: true
|
||||||
addresses: "['sam.adm.crans.org'] + {{ query('ldap', 'ip', 'sam', 'adm') | ipaddr('address') }}"
|
addresses: "['sam.adm.crans.org'] + {{ query('ldap', 'ip', 'sam', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||||
|
|
|
||||||
|
|
@ -12,8 +12,8 @@ loc_wireguard:
|
||||||
tunnels:
|
tunnels:
|
||||||
- name: "sputnik"
|
- name: "sputnik"
|
||||||
addresses:
|
addresses:
|
||||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}/24"
|
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}/24"
|
||||||
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }}/64"
|
- "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv6 | first }}/64"
|
||||||
listen_port: 51820
|
listen_port: 51820
|
||||||
private_key: "{{ vault.wireguard.sputnik.privkey }}"
|
private_key: "{{ vault.wireguard.sputnik.privkey }}"
|
||||||
peers:
|
peers:
|
||||||
|
|
@ -21,12 +21,12 @@ loc_wireguard:
|
||||||
allowed_ips:
|
allowed_ips:
|
||||||
- "{{ query('ldap', 'network', 'adm') }}"
|
- "{{ query('ldap', 'network', 'adm') }}"
|
||||||
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
- "fd00:0:0:{{ query('ldap', 'vlanid', 'adm') }}::/64"
|
||||||
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ipv4 | first }}:51820"
|
endpoint: "{{ query('ldap', 'ip', 'boeing', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||||
post_up:
|
post_up:
|
||||||
- "/sbin/ip link set sputnik alias adm"
|
- "/sbin/ip link set sputnik alias adm"
|
||||||
|
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'sputnik', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'sputnik', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 4
|
replica_rid: 4
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -27,13 +27,13 @@ loc_postgres:
|
||||||
- {db: mailman3web, user: mailman3web}
|
- {db: mailman3web, user: mailman3web}
|
||||||
- {db: all, user: all, subnets: ['127.0.0.1/32', '::1/128'], local: true}
|
- {db: all, user: all, subnets: ['127.0.0.1/32', '::1/128'], local: true}
|
||||||
- {db: replication, user: replication, local: true}
|
- {db: replication, user: replication, local: true}
|
||||||
addresses: "['tealc.adm.crans.org'] + {{ query('ldap', 'ip', 'tealc', 'adm') | ipaddr('address') }}"
|
addresses: "['tealc.adm.crans.org'] + {{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipaddr('address') }}"
|
||||||
backup:
|
backup:
|
||||||
dir: /var/local/db-backup
|
dir: /var/local/db-backup
|
||||||
frequency: "{{ 60 | random(seed=inventory_hostname) }} {{ ((24 | random(seed=inventory_hostname))+12)%24 }} * * *"
|
frequency: "{{ 60 | random(seed=inventory_hostname) }} {{ ((24 | random(seed=inventory_hostname))+12)%24 }} * * *"
|
||||||
|
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'tealc', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: false
|
replica: false
|
||||||
|
|
||||||
loc_borg:
|
loc_borg:
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,6 @@ loc_borg:
|
||||||
- /var
|
- /var
|
||||||
|
|
||||||
loc_slapd:
|
loc_slapd:
|
||||||
ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ipv4 | first }}"
|
ip: "{{ query('ldap', 'ip', 'thot', 'adm') | ansible.utils.ipv4 | first }}"
|
||||||
replica: true
|
replica: true
|
||||||
replica_rid: 5
|
replica_rid: 5
|
||||||
|
|
|
||||||
|
|
@ -11,8 +11,8 @@ loc_wireguard:
|
||||||
peers:
|
peers:
|
||||||
- public_key: "{{ vault.wireguard.charybde.pubkey }}"
|
- public_key: "{{ vault.wireguard.charybde.pubkey }}"
|
||||||
allowed_ips:
|
allowed_ips:
|
||||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ipv4 | first }}/32"
|
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv4 | first }}/32"
|
||||||
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }}/128"
|
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }}/128"
|
||||||
endpoint: "{{ query('ldap', 'ip', 'freebox', 'srv') | ipv4 | first }}:51820"
|
endpoint: "{{ query('ldap', 'ip', 'freebox', 'srv') | ansible.utils.ipv4 | first }}:51820"
|
||||||
post_up: "sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.gulp.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.gulp.proxy_ndp=1; ip neigh add proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }} dev ens18"
|
post_up: "sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.gulp.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.gulp.proxy_ndp=1; ip neigh add proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18"
|
||||||
post_down: "sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.gulp.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.gulp.proxy_ndp=0; ip neigh delete proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ipv6 | first }} dev ens18"
|
post_down: "sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.gulp.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.gulp.proxy_ndp=0; ip neigh delete proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18"
|
||||||
|
|
|
||||||
|
|
@ -379,7 +379,7 @@ class LookupModule(LookupBase):
|
||||||
prefixv6: "{{ lookup('re2oapi', 'previxv6', 'adherents', 'adm') }}"
|
prefixv6: "{{ lookup('re2oapi', 'previxv6', 'adherents', 'adm') }}"
|
||||||
tasks:
|
tasks:
|
||||||
- debug:
|
- debug:
|
||||||
msg: "{{ prefixv6 | ipwrap }}"
|
msg: "{{ prefixv6 | ansible.utils.ipwrap }}"
|
||||||
|
|
||||||
The following will get the ip addresses of all servers with role
|
The following will get the ip addresses of all servers with role
|
||||||
dns-authorithary-master on vlan 2.
|
dns-authorithary-master on vlan 2.
|
||||||
|
|
|
||||||
|
|
@ -11,14 +11,14 @@ $TTL 0
|
||||||
)
|
)
|
||||||
|
|
||||||
@ IN NS passerelle.infra.crans.org
|
@ IN NS passerelle.infra.crans.org
|
||||||
passerelle.infra.crans.org IN A {{ (query('ldap', 'ip', 'passerelle', 'infra') | ipv4)[0] }}
|
passerelle.infra.crans.org IN A {{ (query('ldap', 'ip', 'passerelle', 'infra') | ansible.utils.ipv4)[0] }}
|
||||||
|
|
||||||
* IN CNAME crans.org
|
* IN CNAME crans.org
|
||||||
*.org IN CNAME crans.org
|
*.org IN CNAME crans.org
|
||||||
*.fr IN CNAME crans.org
|
*.fr IN CNAME crans.org
|
||||||
*.com IN CNAME crans.org
|
*.com IN CNAME crans.org
|
||||||
|
|
||||||
intranet.crans.org IN A 172.16.32.156 ; (query('ldap', 'ip', 'intranet', 'infra') | ipv4)[0]
|
intranet.crans.org IN A 172.16.32.156 ; (query('ldap', 'ip', 'intranet', 'infra') | ansible.utils.ipv4)[0]
|
||||||
intranet.infra.crans.org IN A 172.16.32.156
|
intranet.infra.crans.org IN A 172.16.32.156
|
||||||
|
|
||||||
unifi.infra.crans.org IN A {{ (query('ldap', 'ip', 'unifi', 'infra') | ipv4)[0] }}
|
unifi.infra.crans.org IN A {{ (query('ldap', 'ip', 'unifi', 'infra') | ansible.utils.ipv4)[0] }}
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,7 @@ include "./dhcp-failover.conf";
|
||||||
|
|
||||||
|
|
||||||
{% for subnet in dhcp.subnets %}
|
{% for subnet in dhcp.subnets %}
|
||||||
subnet {{ subnet.network | ipaddr('network') }} netmask {{ subnet.network | ipaddr('netmask') }} {
|
subnet {{ subnet.network | ansible.utils.netaddr('network') }} netmask {{ subnet.network | ansible.utils.netaddr('netmask') }} {
|
||||||
interface "{{ interfaces[subnet.vlan] }}";
|
interface "{{ interfaces[subnet.vlan] }}";
|
||||||
{% if subnet.default_lease_time is defined %}
|
{% if subnet.default_lease_time is defined %}
|
||||||
default-lease-time {{ subnet.default_lease_time }};
|
default-lease-time {{ subnet.default_lease_time }};
|
||||||
|
|
@ -43,8 +43,8 @@ subnet {{ subnet.network | ipaddr('network') }} netmask {{ subnet.network | ipad
|
||||||
{% if subnet.max_lease_time is defined %}
|
{% if subnet.max_lease_time is defined %}
|
||||||
max-lease-time {{ subnet.max_lease_time }};
|
max-lease-time {{ subnet.max_lease_time }};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
option subnet-mask {{ subnet.network | ipaddr('netmask') }};
|
option subnet-mask {{ subnet.network | ansible.utils.netaddr('netmask') }};
|
||||||
option broadcast-address {{ subnet.network | ipaddr('broadcast') }};
|
option broadcast-address {{ subnet.network | ansible.utils.netaddr('broadcast') }};
|
||||||
{% if subnet.routers is defined %}
|
{% if subnet.routers is defined %}
|
||||||
option routers {{ subnet.routers }};
|
option routers {{ subnet.routers }};
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@ vrrp_instance {{ instance.name }} {
|
||||||
virtual_ipaddress {
|
virtual_ipaddress {
|
||||||
{% for zone in keepalived.pool[instance.name].zones %}
|
{% for zone in keepalived.pool[instance.name].zones %}
|
||||||
{% if zone.brd is undefined or zone.brd %}
|
{% if zone.brd is undefined or zone.brd %}
|
||||||
{{ zone.ipv4 }} brd {{ zone.ipv4 | ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
|
{{ zone.ipv4 }} brd {{ zone.ipv4 | ansible.utils.ipaddr('broadcast') }} dev {{ interfaces[zone.vlan] }} scope global
|
||||||
{% else %}
|
{% else %}
|
||||||
{{ zone.ipv4 }} dev {{ interfaces[zone.vlan] }} scope global
|
{{ zone.ipv4 }} dev {{ interfaces[zone.vlan] }} scope global
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
||||||
|
|
@ -6,13 +6,13 @@ auto {{ interfaces[item.name] }}
|
||||||
iface {{ interfaces[item.name] }} inet dhcp
|
iface {{ interfaces[item.name] }} inet dhcp
|
||||||
iface {{ interfaces[item.name] }} inet6 auto
|
iface {{ interfaces[item.name] }} inet6 auto
|
||||||
{% else %}
|
{% else %}
|
||||||
{% set subnet_network = (query('ldap', 'network', vlan_name) | ipaddr('network')) %}
|
{% set subnet_network = (query('ldap', 'network', vlan_name) | ansible.utils.ipaddr('network')) %}
|
||||||
{% set subnet_netmask = (query('ldap', 'network', vlan_name) | ipaddr('netmask')) %}
|
{% set subnet_netmask = (query('ldap', 'network', vlan_name) | ansible.utils.ipaddr('netmask')) %}
|
||||||
{% set ips = query('ldap', 'ip', ansible_hostname, vlan_name) %}
|
{% set ips = query('ldap', 'ip', ansible_hostname, vlan_name) %}
|
||||||
{% if (ips | ipv4 | length) > 0 %}
|
{% if (ips | ansible.utils.ipv4 | length) > 0 %}
|
||||||
auto {{ interfaces[item.name] }}
|
auto {{ interfaces[item.name] }}
|
||||||
iface {{ interfaces[item.name] }} inet static
|
iface {{ interfaces[item.name] }} inet static
|
||||||
{% for ip in (ips | ipv4) %}
|
{% for ip in (ips | ansible.utils.ipv4) %}
|
||||||
address {{ ip }}
|
address {{ ip }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
network {{ subnet_network }}
|
network {{ subnet_network }}
|
||||||
|
|
@ -46,9 +46,9 @@ iface {{ interfaces[item.name] }} inet static
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if (ips | ipv6 | length) > 0 %}
|
{% if (ips | ansible.utils.ipv6 | length) > 0 %}
|
||||||
iface {{ interfaces[item.name] }} inet6 static
|
iface {{ interfaces[item.name] }} inet6 static
|
||||||
{% for ip in (ips | ipv6) %}
|
{% for ip in (ips | ansible.utils.ipv6) %}
|
||||||
address {{ ip }}/64
|
address {{ ip }}/64
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% if item.gateway_v6 is defined %}
|
{% if item.gateway_v6 is defined %}
|
||||||
|
|
|
||||||
|
|
@ -45,7 +45,7 @@ restrict source notrap nomodify noquery
|
||||||
|
|
||||||
# Server on adm can sync
|
# Server on adm can sync
|
||||||
{% for cidr in ntp_server.open %}
|
{% for cidr in ntp_server.open %}
|
||||||
restrict {{ cidr | ipaddr('network') }} mask {{ cidr | ipaddr('netmask') }} notrap nomodify
|
restrict {{ cidr | ansible.utils.ipaddr('network') }} mask {{ cidr | ansible.utils.ipaddr('netmask') }} notrap nomodify
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
# Clients from this (example!) subnet have unlimited access, but only if
|
# Clients from this (example!) subnet have unlimited access, but only if
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
{% if postfix.primary or postfix.secondary %}
|
{% if postfix.primary or postfix.secondary %}
|
||||||
# Les mailing-listes sont delivrees sur un serveur à part
|
# Les mailing-listes sont delivrees sur un serveur à part
|
||||||
lists.crans.org smtp:[{{ query('ldap', 'ip', 'mailman', 'adm') | ipv4 | first }}]
|
lists.crans.org smtp:[{{ query('ldap', 'ip', 'mailman', 'adm') | ansible.utils.ipv4 | first }}]
|
||||||
# C'est le serveur des adherents qui fait les livraisons des
|
# C'est le serveur des adherents qui fait les livraisons des
|
||||||
# adresses clubs et adherents
|
# adresses clubs et adherents
|
||||||
crans.org smtp:[users.adm.crans.org]
|
crans.org smtp:[users.adm.crans.org]
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,7 @@ server {
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
|
||||||
server_name {{ (query('ldap', 'ip', 're2o', 'adm') | ipv4)[0] }} re2o.adm.crans.org intranet.crans.org intranet.infra.crans.org; # Modify this value according to your infrastructure.
|
server_name {{ (query('ldap', 'ip', 're2o', 'adm') | ansible.utils.ipv4)[0] }} re2o.adm.crans.org intranet.crans.org intranet.infra.crans.org; # Modify this value according to your infrastructure.
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
|
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue