60 lines
1.8 KiB
YAML
60 lines
1.8 KiB
YAML
---
|
|
# increase memory size
|
|
mem_size: 512
|
|
|
|
intnet: "{{ network_interfaces[0].ipaddr + '/' + network_interfaces[0].netmask }}"
|
|
intdomain: "{{ inventory_hostname.split('.')[1:] | join('.') }}"
|
|
|
|
network_vip_interfaces:
|
|
- device: vio0
|
|
vhid: 1
|
|
ipaddr: "{{ intnet | ansible.utils.ipaddr(1) | ansible.utils.ipaddr('address') }}"
|
|
netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
|
|
pass: "{{ vip1_pass }}"
|
|
priority: 120
|
|
- device: vio0
|
|
vhid: 10
|
|
ipaddr: "{{ intnet | ansible.utils.ipaddr(10) | ansible.utils.ipaddr('address') }}"
|
|
netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
|
|
pass: "{{ vip10_pass }}"
|
|
priority: 120
|
|
- device: vio0
|
|
vhid: 11
|
|
ipaddr: "{{ intnet | ansible.utils.ipaddr(11) | ansible.utils.ipaddr('address') }}"
|
|
netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
|
|
pass: "{{ vip11_pass }}"
|
|
priority: "{{ vip11_priority }}"
|
|
- device: vio0
|
|
vhid: 12
|
|
ipaddr: "{{ intnet | ansible.utils.ipaddr(12) | ansible.utils.ipaddr('address') }}"
|
|
netmask: "{{ intnet | ansible.utils.ipaddr('netmask') }}"
|
|
pass: "{{ vip12_pass }}"
|
|
priority: "{{ vip12_priority }}"
|
|
network_ether_interfaces:
|
|
- device: vio1
|
|
proto: none
|
|
|
|
unbound_zones:
|
|
- 144-28.96.16.37.in-addr.arpa
|
|
- foo.sh
|
|
- >-
|
|
{% set reverse = intnet | ansible.utils.ipaddr('network') | ansible.utils.ipaddr('revdns') -%}
|
|
{% if intnet | ansible.utils.ipaddr('prefix') < 24 -%}
|
|
{{ reverse[:-1] | split('.', 2) | last -}}
|
|
{% else -%}
|
|
{{ reverse[:-1] | split('.', 1) | last -}}
|
|
{% endif -%}
|
|
- "{{ intdomain }}"
|
|
|
|
# use custom firewall config
|
|
firewall_src: pf.conf.gw_dna.j2
|
|
|
|
# unbound config
|
|
unbound_config: unbound.conf.dna.j2
|
|
|
|
# ifstated config
|
|
ifstated_config: ifstated-dna.conf.j2
|
|
|
|
# ssh host alaises
|
|
ssh_hostnames:
|
|
- "gw.{{ inventory_hostname.split('.')[1] }}.foo.sh"
|