From c9f3b7d0b7b23019f64a360f77af91a775e5a014 Mon Sep 17 00:00:00 2001
From: Timo Makinen
Date: Thu, 3 Sep 2020 17:59:43 +0000
Subject: [PATCH] Add ns02.home.foo.sh host
---
group_vars/ns.yml | 19 ++++++++++++++++
host_vars/ns02.home.foo.sh.yml | 11 +++++++++
hosts | 4 ++++
playbooks/ns.yml | 15 +++++++++++++
roles/ifstated/files/ifstated-ns.conf | 32 +++++++++++++++++++++++++++
5 files changed, 81 insertions(+)
create mode 100644 group_vars/ns.yml
create mode 100644 host_vars/ns02.home.foo.sh.yml
create mode 100644 playbooks/ns.yml
create mode 100644 roles/ifstated/files/ifstated-ns.conf
diff --git a/group_vars/ns.yml b/group_vars/ns.yml
new file mode 100644
index 0000000..c8a1ae4
--- /dev/null
+++ b/group_vars/ns.yml
@@ -0,0 +1,19 @@
+---
+firewall_in:
+ - {proto: tcp, port: 22, from: [172.20.20.0/22]}
+ - {proto: tcp, port: 53}
+ - {proto: udp, port: 53}
+# - {proto: tcp, port: 853}
+
+ifstated_config: ifstated-ns.conf
+network_carp_interfaces:
+ - device: vio1
+ vhid: 157
+ ipaddr: 37.16.96.157
+ netmask: 255.255.255.240
+ pass: "{{ carp157_pass }}"
+
+nsd_server: ns1.foo.sh
+nsd_zones:
+ - foo.sh
+ - 144/28.96.16.37.in-addr.arpa
diff --git a/host_vars/ns02.home.foo.sh.yml b/host_vars/ns02.home.foo.sh.yml
new file mode 100644
index 0000000..7b1dce5
--- /dev/null
+++ b/host_vars/ns02.home.foo.sh.yml
@@ -0,0 +1,11 @@
+---
+vmhost: vmhost02.home.foo.sh
+network_interfaces:
+ - device: vio0
+ vlan: 20
+ mac: 52:54:00:ac:dc:30
+ - device: vio1
+ vlan: 102
+ proto: none
+
+nsd_master: true
diff --git a/hosts b/hosts
index 275035f..d875fc1 100644
--- a/hosts
+++ b/hosts
@@ -20,6 +20,9 @@ ldap02.home.foo.sh [log] log01.home.foo.sh +[ns] +ns02.home.foo.sh + [proxy] proxy01.home.foo.sh proxy02.home.foo.sh
@@ -40,4 +43,5 @@ collab [openbsd:children] gw log +ns proxy
diff --git a/playbooks/ns.yml b/playbooks/ns.yml
new file mode 100644
index 0000000..a028dc2
--- /dev/null
+++ b/playbooks/ns.yml
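Review bot: In group_vars/ns.yml the zone name `144/28.96.16.37.in-addr.arpa` contains a `/`, and nothing next to it says that this is intentional. The nsd role is not part of this patch; if it derives zone file paths from the zone name, the slash would turn into a directory component, so that is worth confirming. I would add a comment above the entry such as `# RFC 2317 classless delegation; the "/" is part of the zone name`. The commented-out port 853 rule in `firewall_in` likewise needs a short reason (for example `# DoT not served yet`) or should be dropped, so a later reader does not re-enable it without a listener behind it.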
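Review bot: In host_vars/ns02.home.foo.sh.yml the MAC address is a plain scalar, `mac: 52:54:00:ac:dc:30`. It stays a string here only because it contains hex letters. A MAC made up purely of digits and colons would be read as a base-60 integer by YAML 1.1 loaders. Quoting it, `mac: "52:54:00:ac:dc:30"`, keeps the type stable when this file is copied for the next host.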
@@ -0,0 +1,15 @@
+---
+- import_playbook: "include/vm-create.yml myhosts=ns"
+
+- name: configure instance
+ hosts: ns
+ user: root
+ gather_facts: true
+
+ vars_files:
+ - "{{ ansible_private }}/vars.yml"
+
+ roles:
+ - base
+ - ifstated
+ - nsd
diff --git a/roles/ifstated/files/ifstated-ns.conf b/roles/ifstated/files/ifstated-ns.conf
new file mode 100644
index 0000000..988212d
--- /dev/null
+++ b/roles/ifstated/files/ifstated-ns.conf
@@ -0,0 +1,32 @@
+
+init-state auto
+
+if_carp_up="carp157.link.up"
+if_carp_down="carp157.link.down"
+
+state auto {
+ if $if_carp_up {
+ set-state master
+ }
+ if $if_carp_down {
+ set-state backup
+ }
+}
+
+state master {
+ init {
+ run "route delete default && route add default 37.16.96.145"
+ }
+ if $if_carp_down {
+ set-state backup
+ }
+}
+
+state backup {
+ init {
+ run "route delete default && route add default 172.20.20.1"
+ }
+ if $if_carp_up {
+ set-state master
+ }
+}
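Review bot: In playbooks/ns.yml the play logs in with `user: root`, and the reason for connecting directly as root is not recorded anywhere in the file. `remote_user: root` is the documented keyword, and a one-line comment such as `# OpenBSD guests are provisioned over root SSH from the management VLAN` (to be confirmed by the author) would make the intent reviewable. The inline argument in `import_playbook: "include/vm-create.yml myhosts=ns"` also reads more clearly as a separate `vars:` mapping with `myhosts: ns`, which keeps the file path and the parameter from sharing one string.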
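Review bot: In roles/ifstated/files/ifstated-ns.conf both `init` blocks chain the route commands with `&&`, so if `route delete default` fails (for instance because no default route is installed when the state is first entered), the `route add` never runs and the name server is left without a default route. Making the add unconditional avoids that: `run "route delete default; route add default 37.16.96.145"` in `state master` and `run "route delete default; route add default 172.20.20.1"` in `state backup`. A short comment above each `run` saying which interface the gateway sits on (public CARP side or management side) would also help whoever debugs a failover.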