52 lines
1.0 KiB
YAML
52 lines
1.0 KiB
YAML
---
|
|
# Deploy tunnel
|
|
- hosts: boeing.adm.crans.org,sputnik.adm.crans.org
|
|
vars:
|
|
# Debian mirror on adm
|
|
debian_mirror: http://mirror.adm.crans.org/debian
|
|
roles:
|
|
- wireguard
|
|
|
|
# Deploy DHCP server
|
|
- hosts: dhcp.adm.crans.org
|
|
vars:
|
|
dhcp:
|
|
authoritative: true
|
|
roles:
|
|
- isc-dhcp-server
|
|
|
|
# Deploy recursive DNS cache server
|
|
- hosts: odlyd.adm.crans.org
|
|
roles:
|
|
- bind-recursive
|
|
|
|
# Deplay authoritative DNS server
|
|
- hosts: sputnik.adm.crans.org
|
|
roles:
|
|
- bind-authoritative
|
|
|
|
# Deploy firewall
|
|
- hosts: gulp.adm.crans.org
|
|
roles: [] # TODO
|
|
|
|
# Deploy Unifi Controller
|
|
- hosts: unifi.adm.crans.org
|
|
roles:
|
|
- unifi-controller
|
|
|
|
# Deploy Re2o
|
|
- hosts: otis.adm.crans.org
|
|
vars:
|
|
re2o:
|
|
owner: root
|
|
group: nounou
|
|
settings_local_owner: root
|
|
settings_local_group: root
|
|
db_password: "{{ vault_re2o_db_password }}"
|
|
django_secret_key: "{{ vault_re2o_django_secret_key }}"
|
|
aes_key: "{{ vault_re2o_aes_key }}"
|
|
ldap:
|
|
master_password: "{{ vault_ldap_master_password }}"
|
|
roles:
|
|
- re2o
|