Deploy arpproxy service

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2022-06-28 13:39:34 +02:00 · 2022-06-28 13:39:34 +02:00 · bac8ffdc72
parent f7a2b1174b
commit bac8ffdc72
6 changed files with 55 additions and 0 deletions
--- a/group_vars/arpproxy.yml
+++ b/group_vars/arpproxy.yml
@ -0,0 +1,11 @@
+---
+glob_service_proxy:
+  git:
+    remote: https://gitlab.adm.crans.org/nounous/proxy.git
+    version: main
+  name: proxy
+  install_dir: /var/local/services/proxy
+  generated: false
+  cron:
+    frequency: "* * * * *"
+    options: "--alter"
--- a/host_vars/boeing.adm.crans.org.yml
+++ b/host_vars/boeing.adm.crans.org.yml
@ -16,3 +16,15 @@ loc_wireguard:
          endpoint: "{{ query('ldap', 'ip', 'sputnik', 'srv') | ipv4 | first }}:51820"
      post_up: "sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.sputnik.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.sputnik.proxy_ndp=1; ip neigh add proxy {{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }} dev ens18"
      post_down: "sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.sputnik.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.sputnik.proxy_ndp=0; ip neigh delete proxy {{ query('ldap', 'ip', 'sputnik', 'adm') | ipv6 | first }} dev ens18"
+
+loc_service_proxy:
+  config:
+    ldap:
+      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
+    protocol: "proxy"
+    filter: "adm.crans.org"
+    proxy:
+      default: "ens18"
+      viarezo: "sputnik"
+      aurore: "sputnik"
+      ovh: "sputnik"
--- a/host_vars/routeur-ft.adm.crans.org.yml
+++ b/host_vars/routeur-ft.adm.crans.org.yml
@ -2,3 +2,13 @@
 interfaces:
  adm: ens18
  auto: ens19
+
+loc_service_proxy:
+  config:
+    ldap:
+      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
+    protocol: "proxy"
+    filter: "adm.crans.org"
+    proxy:
+      default: "wg0"
+      viarezo: "ens18"
--- a/host_vars/routeur-thot.adm.crans.org.yml
+++ b/host_vars/routeur-thot.adm.crans.org.yml
@ -2,3 +2,13 @@
 interfaces:
  adm: ens18
  auto: ens19
+
+loc_service_proxy:
+  config:
+    ldap:
+      server: "ldaps://{{ query('ldap', 'ip', 'tealc', 'adm') | ipv4 | first }}/"
+    protocol: "proxy"
+    filter: "adm.crans.org"
+    proxy:
+      default: "wg0"
+      aurore: "ens18"
--- a/5
+++ b/5
@ -3,6 +3,11 @@
 [adh_server]
 zamok.adm.crans.org

+[arpproxy]
+boeing.adm.crans.org
+routeur-ft.adm.crans.org
+#routeur-thot.adm.crans.org
+
 [autoconfig]
 hodaur.adm.crans.org

--- a/plays/arpproxy.yml
+++ b/plays/arpproxy.yml
@ -0,0 +1,7 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: arpproxy
+  vars:
+    service: "{{ glob_service_proxy | default({}) | combine(loc_service_proxy | default({})) }}"
+  roles:
+    - service