current

6 years ago · fb6bb8474b
--- a/group_vars/all/ips.yml
+++ b/group_vars/all/ips.yml
@@ -3,3 +3,7 @@ ips:
    ip: 172.23.48.1
    network: kita-pro-service-net
    subnet: 172.23.48.0/24
 -   host: kita-pro-vpn
    ip: 172.23.48.2
    network: kita-pro-service-net
    subnet: 172.23.48.0/24
--- a/group_vars/all/networks.yml
+++ b/group_vars/all/networks.yml
@@ -1,5 +1,10 @@
 networks:
  tg-net:
    subnets:
      - fd47:17e0:993c::/48
      - 172.23/16
  kita-pro-net:
    parent: tg-net
    site: kita-pro
@@ -14,6 +19,13 @@ networks:
      - fd47:17e0:993c:30::/64
      - 172.23.48/24
  testkita-net:
    parent: tg-net
    site: testkita
    subnets:
      - fd47:17e0:993c:31::/64
      - 172.23.49/24
  kita-stjs-net:
    parent: tg-net
    site: kita-pro
--- a/group_vars/vdesks/netif.yml
+++ b/group_vars/vdesks/netif.yml
--- a/group_vars/vpn_servers/netif.yml
+++ b/group_vars/vpn_servers/netif.yml
@@ -0,0 +1,20 @@
 netif_primary: virt
 netifs_profile:
  virt:
    networks:
      - kita-pro-service-net
    type: virt_ptp
    virt_host_netif: virt
    dns_resolvers:
      - fd47:17e0:993c:c2::c:1
      - fd47:17e0:993c:c2::c:2
      - fd47:17e0:993c:c2::c:3
  vpn:
    type: fastd
    networks:
      - kita-pro-service-net
    fastd_port: 10060
    fastd_peers: []
    babeld:
      redistribute_networks:
        - tg-net
--- a/host_files/kita-pro-vdesk/root/.local/share/fish/fish_history
+++ b/host_files/kita-pro-vdesk/root/.local/share/fish/fish_history
@@ -0,0 +1,2 @@
 - cmd: reboot
  when: 1536583700
--- a/host_files/kita-pro-vpn/fastd/vpn/peer.conf
+++ b/host_files/kita-pro-vpn/fastd/vpn/peer.conf
@@ -0,0 +1,5 @@
 key "c61a1701cf00cde38efcbd88d7b365f4d18c45290ffda6900677b18dcd3d0287";
 remote 172.23.48.2:10060;
 remote 51.68.177.5:10060;
 remote [fd47:17e0:993c:30:47:baff:fe21:28f9]:10060;
 float yes;
--- a/host_files/kita-pro-vpn/root/.local/share/fish/fish_history
+++ b/host_files/kita-pro-vpn/root/.local/share/fish/fish_history
@@ -0,0 +1,24 @@
 - cmd: top
  when: 1536587819
 - cmd: cat /dev/urandom 
  when: 1536587835
 - cmd: cat /dev/urandom 
  when: 1536588003
 - cmd: cat /dev/urandom | base32
  when: 1536588018
  paths:
    - /dev/urandom
 - cmd: cat /dev/urandom | base64
  when: 1536588024
  paths:
    - /dev/urandom
 - cmd: ip a
  when: 1536588206
 - cmd: cat /etc/network/interfaces
  when: 1536588218
  paths:
    - /etc/network/interfaces
 - cmd: cat /etc/network/interfaces.d/virt 
  when: 1536588220
  paths:
    - /etc/network/interfaces.d/virt
--- a/host_vars/kita-pro-vdesk/netif.yml
+++ b/host_vars/kita-pro-vdesk/netif.yml
@@ -13,6 +13,8 @@ netifs:
            type: eui64
        -   ip: 172.23.48.1/24
            type: host
        -   ip: 51.68.177.5/32
            type: static
        ll6: fe80::47:aff:fed8:5484
        mac: 02:47:0a:d8:54:84
        networks:
--- a/host_vars/kita-pro-vpn/netif.yml
+++ b/host_vars/kita-pro-vpn/netif.yml
@@ -0,0 +1,49 @@
 ansible_host: fd47:17e0:993c:30:47:baff:fe21:28f9
 netifs:
    virt:
        device: enp1s3
        dns_resolvers:
        - fd47:17e0:993c:c2::c:1
        - fd47:17e0:993c:c2::c:2
        - fd47:17e0:993c:c2::c:3
        eui64: 47:baff:fe21:28f9
        id: 308065413369
        ips:
        -   ip: fd47:17e0:993c:30:47:baff:fe21:28f9/64
            type: eui64
        -   ip: 172.23.48.2/24
            type: host
        -   ip: 51.68.177.5/32
            type: static
        ll6: fe80::47:baff:fe21:28f9
        mac: 02:47:ba:21:28:f9
        networks:
        - kita-pro-service-net
        type: virt_ptp
        virt_host_netif: virt
        virt_pci_id: 0
    vpn:
        babeld:
            redistribute_networks:
            - tg-net
        device: vpn
        eui64: 47:cdff:fe01:ea1f
        fastd_key: c61a1701cf00cde38efcbd88d7b365f4d18c45290ffda6900677b18dcd3d0287
        fastd_peers: []
        fastd_port: 10060
        fastd_remote:
        - 172.23.48.2:10060
        - 51.68.177.5:10060
        - '[fd47:17e0:993c:30:47:baff:fe21:28f9]:10060'
        id: 308382132767
        ips:
        -   ip: fd47:17e0:993c:30:47:cdff:fe01:ea1f/64
            type: eui64
        -   ip: 172.23.48.2/24
            type: host
        ll6: fe80::47:cdff:fe01:ea1f
        mac: 02:47:cd:01:ea:1f
        networks:
        - kita-pro-service-net
        type: fastd
 ssh_ip: fd47:17e0:993c:30:47:baff:fe21:28f9
--- a/host_vars/kita-pro-vpn/ssh_host_key.yml
+++ b/host_vars/kita-pro-vpn/ssh_host_key.yml
@@ -0,0 +1 @@
 ssh_host_key_ed25519_public: AAAAC3NzaC1lZDI1NTE5AAAAIJNs5NesENwxBenS5ErcgdKqDdqBOBT90t2GWBrIbyVq
--- a/host_vars/kita-pro-vpn/staging.yml
+++ b/host_vars/kita-pro-vpn/staging.yml
@@ -0,0 +1 @@
 stage: staging
--- a/host_vars/kita-pro-vpn/virt.yml
+++ b/host_vars/kita-pro-vpn/virt.yml
@@ -0,0 +1,19 @@
 filesystems:
 -   device: /dev/vda
    fstype: ext4
    keep: true
    mount_point: /
 swap_devices:
 -   device: /dev/vdb
    uuid: a5434f37-3986-5feb-9abc-f22f0a5ecb60
 virt_console: serial
 virt_disks:
 -   boot: true
    name: root
    size: 32G
    type: qcow2
 -   name: swap
    size: 2G
    type: raw
 virt_host: tg-srv-0
 virt_uuid: 5adee200-b8c7-4e7d-bf71-d2381ec85fbb
--- a/inventory
+++ b/inventory
@@ -3,3 +3,6 @@ tg-srv-0
 [vdesks]
 kita-pro-vdesk
 [vpn_servers]
 kita-pro-vpn
--- a/vpn_servers.yml
+++ b/vpn_servers.yml
@@ -0,0 +1,36 @@
 ---
 - hosts: vpn_servers
  gather_facts: false
  roles:
    - name: staging
      default_stage: provisioning
 - hosts: vpn_servers:&provisioning
  remote_user: root
  gather_facts: false
  roles:
    - role: netif
    - role: virt_provision
    - role: common
    - name: staging
      next_stage: staging
 - hosts: vpn_servers
  remote_user: root
  roles:
    #- role: common
    - role: network
 # - hosts: vpn_servers:&staging
 #   remote_user: root
 #   roles:
 #     - name: staging
 #       next_stage: production
 # - hosts: vpn_servers:&recycling
 #   remote_user: root
 #   gather_facts: false
 #   roles:
 #     - role: virt
 #       virt_state: absent