40 lines
1.1 KiB
YAML
40 lines
1.1 KiB
YAML
---
|
|
datadisks:
|
|
- {size: 10, type: nvme}
|
|
|
|
unbound_zones:
|
|
- 25.20.172.in-addr.arpa
|
|
- oob.foo.sh
|
|
dhcpd_template: dhcpd.conf.oob.j2
|
|
dhcpd_ldap_filter: >-
|
|
(&(objectClass=ieee802Device)(objectClass=ipHost)(cn=*.oob.foo.sh))
|
|
|
|
network_vip_interfaces:
|
|
- device: eth0
|
|
vhid: 11
|
|
ipaddr: 172.20.20.21
|
|
netmask: 255.255.240.0
|
|
pass: "{{ vip21_pass }}"
|
|
- device: eth1
|
|
vhid: 25
|
|
ipaddr: 172.20.25.1
|
|
netmask: 255.255.255.0
|
|
pass: "{{ vip25_pass }}"
|
|
priority: "{{ vip25_priority }}"
|
|
|
|
firewall_in:
|
|
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
|
- {proto: tcp, port: 25, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 53, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 53, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 69, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 123, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 443, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 514, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 9100, from: [172.20.20.0/22]}
|
|
- {proto: tcp, port: 9116, from: [172.20.20.0/22]}
|
|
firewall_raw:
|
|
- "ip daddr 224.0.0.0/8 accept"
|
|
|
|
sssd_allow_groups:
|
|
- sysadm
|