58 lines
1.3 KiB
YAML
Executable File
58 lines
1.3 KiB
YAML
Executable File
#!/usr/bin/env ansible-playbook
|
|
---
|
|
- hosts: gitzly.adm.crans.org
|
|
vars:
|
|
certbot:
|
|
dns_rfc2136_name: certbot_adm_challenge.
|
|
dns_rfc2136_secret: "{{ vault_certbot_adm_dns_secret }}"
|
|
mail: root@crans.org
|
|
certname: adm.crans.org
|
|
domains: "*.adm.crans.org"
|
|
bind:
|
|
masters: "{{ lookup('re2oapi', 'get_role', 'dns-authoritary-master')[0] }}"
|
|
roles:
|
|
- certbot
|
|
|
|
# Deploy firewall
|
|
- hosts: gulp.adm.crans.org
|
|
roles: [] # TODO
|
|
|
|
# Deploy Unifi Controller
|
|
- hosts: unifi.adm.crans.org
|
|
roles:
|
|
- unifi-controller
|
|
|
|
# Configure routers
|
|
- hosts: gulp.adm.crans.org,odlyd.adm.crans.org,ipv6-zayo.adm.crans.org
|
|
roles:
|
|
- logall
|
|
- quagga
|
|
|
|
# Deploy BGP server configuration on IPv4 routers
|
|
- hosts: gulp.adm.crans.org,odlyd.adm.crans.org
|
|
vars:
|
|
zebra:
|
|
password: "{{ vault_zebra_password }}"
|
|
bgp:
|
|
as: 204515
|
|
router_id: 158.255.113.73
|
|
network: 185.230.76.0/22
|
|
neighbor: 158.255.113.72
|
|
remote_as: 8218
|
|
roles:
|
|
- quagga-ipv4
|
|
|
|
# Deploy BGP server configuration on IPv6 routers
|
|
- hosts: ipv6-zayo.adm.crans.org
|
|
vars:
|
|
zebra:
|
|
password: "{{ vault_zebra_password }}"
|
|
bgp:
|
|
as: 204515
|
|
router_id: 138.231.136.200
|
|
network: 2a0c:700::/32
|
|
neighbor: 2001:1b48:2:103::bb:1
|
|
remote_as: 8218
|
|
roles:
|
|
- quagga-ipv6
|