31 lines
957 B
YAML
31 lines
957 B
YAML
---
|
|
datadisks:
|
|
- {size: 10, type: nvme}
|
|
|
|
network_vip_interfaces:
|
|
- device: eth0
|
|
vhid: 11
|
|
ipaddr: 172.20.20.11
|
|
netmask: 255.255.240.0
|
|
pass: "{{ vip11_pass }}"
|
|
- device: eth1
|
|
vhid: 25
|
|
ipaddr: 172.20.25.1
|
|
netmask: 255.255.0.0
|
|
pass: "{{ vip25_pass }}"
|
|
priority: "{{ vip25_priority }}"
|
|
|
|
firewall_in:
|
|
- {proto: tcp, port: 22, from: [172.20.20.0/22]}
|
|
- {proto: tcp, port: 25, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 53, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 53, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 69, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 123, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 443, from: [172.20.25.0/24]}
|
|
- {proto: udp, port: 514, from: [172.20.25.0/24]}
|
|
- {proto: tcp, port: 9100, from: [172.20.20.0/22]}
|
|
- {proto: tcp, port: 9116, from: [172.20.20.0/22]}
|
|
firewall_raw:
|
|
- "-A INPUT -i eth1 -d 224.0.0.0/8 -j ACCEPT"
|
|
- "-A INPUT -i eth1 -p vrrp -j ACCEPT"
|