foo.sh/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add proxy hosts

Browse source
This commit is contained in:
Timo Makinen 2019-05-28 00:28:29 +03:00
parent dd19c94511
commit 5dc54dd8eb
5 changed files with 122 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
group_vars/proxy.yml Normal file
View file

@ -0,0 +1,46 @@
---
network_dns_servers:
- 172.20.20.10
- 172.20.21.7
- 172.20.21.8
network_dns_search:
- foo.sh
network_default_gateway: 37.16.96.145
network_carp_interfaces:
- device: vio0
vhid: 8
ipaddr: 172.20.20.8
netmask: 255.255.252.0
pass: "{{ carp8_pass }}"
advskew: "{{ carp8_advskew }}"
- device: vio0
vhid: 9
ipaddr: 172.20.20.9
netmask: 255.255.252.0
pass: "{{ carp9_pass }}"
advskew: "{{ carp9_advskew }}"
- device: vio1
vhid: 153
ipaddr: 37.16.96.153
netmask: 255.255.255.240
ip6addr: 2a00:4cc1:6:1006:feed:dead:beef:153
ip6netmask: 64
pass: "{{ carp153_pass }}"
advskew: "{{ carp153_advskew }}"
- device: vio1
vhid: 154
ipaddr: 37.16.96.154
netmask: 255.255.255.240
ip6addr: 2a00:4cc1:6:1006:feed:dead:beef:154
ip6netmask: 64
pass: "{{ carp154_pass }}"
advskew: "{{ carp154_advskew }}"
firewall_raw:
- pass quick proto carp
firewall_in:
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
- {proto: tcp, port: 80}
- {proto: tcp, port: 443}
- {proto: tcp, port: 636}

16
host_vars/proxy01.home.foo.sh.yml Normal file
View file

@ -0,0 +1,16 @@
---
interfaces: [[20, "52:54:00:ac:dc:0d"], [102, "52:54:00:ad:bc:0d"]]
vmhost: vmhost01.home.foo.sh
network_ether_interfaces:
- device: vio0
ipaddr: 172.20.21.13
netmask: 255.255.252.0
- device: vio1
proto: none
# kludge advskew values for carps
carp8_advskew: 0
carp9_advskew: 128
carp153_advskew: 0
carp154_advskew: 128

15
host_vars/proxy02.home.foo.sh.yml Normal file
View file

@ -0,0 +1,15 @@
---
interfaces: [[20, "52:54:00:ac:dc:0e"], [102, "52:54:00:ad:bc:0e"]]
vmhost: vmhost02.home.foo.sh
network_ether_interfaces:
- device: vio0
ipaddr: 172.20.21.14
netmask: 255.255.252.0
- device: vio1
proto: none
carp8_advskew: 128
carp9_advskew: 0
carp153_advskew: 128
carp154_advskew: 0

5
hosts
View file

@ -7,9 +7,14 @@ git02.home.foo.sh
[gw]
gw01.home.foo.sh
[proxy]
proxy01.home.foo.sh
proxy02.home.foo.sh
[centos7:children]
git
mirror
[openbsd:children]
gw
proxy

40
playbooks/proxy.yml Normal file
View file

@ -0,0 +1,40 @@
---
- import_playbook: "include/vm-create.yml myhosts=proxy"
- name: configure instance
hosts: proxy
user: root
gather_facts: true
vars_files:
- "{{ ansible_dir_private }}/vars.yml"
roles:
- base
- nginx/server
- role: nginx/site
site: foo.sh
redirect: https://www.foo.sh/
- role: nginx/site
site: autoconfig.foo.sh
- role: nginx/site
site: boot.foo.sh
- role: nginx/site
site: bitbucket.foo.sh
redirect: https://bitbucket.org/tmakinen/
- role: nginx/site
site: git.foo.sh
proxy: https://git02.home.foo.sh/
- role: nginx/site
site: id.foo.sh
proxy: https://ldap01.home.foo.sh/
- role: nginx/site
site: mirrors.foo.sh
proxy: https://mirror01.home.foo.sh/
- role: nginx/site
site: print.foo.sh
proxy: https://print01.home.foo.sh/
- role: nginx/site
site: wpad.foo.sh
- role: nginx/site
site: www.foo.sh