Remove dashes from group_vars names

This commit is contained in:
Julian Labus 2019-05-22 09:18:40 +02:00
parent e16b92563d
commit 3a77c2901f
No known key found for this signature in database
GPG key ID: 8AF209F2C6B3572A
29 changed files with 39 additions and 39 deletions

View file

@ -3,7 +3,7 @@
Wir, die Freifunk MWU Community, nutzen Ansible um unsere Freifunk Server aufzusetzen und zu konfigurieren. In Wir, die Freifunk MWU Community, nutzen Ansible um unsere Freifunk Server aufzusetzen und zu konfigurieren. In
diesem Repository verwalten wir unsere Ansible Roles und Playbooks. diesem Repository verwalten wir unsere Ansible Roles und Playbooks.
Ein Server muss minimal vorbereitet sein, bevor dieser per Ansible z.B. zu einem Freifunk-Gateway gemacht werden Ein Server muss minimal vorbereitet sein, bevor dieser per Ansible z.B. zu einem Freifunk-Gateway gemacht werden
kann. Die folgenden Voraussetzungen müssen erfüllt sein: kann. Die folgenden Voraussetzungen müssen erfüllt sein:
- Ein dedizierter (v)server muss existieren und unter einer IPv4- und einer IPv6-Adresse öffentlich erreichbar sein. - Ein dedizierter (v)server muss existieren und unter einer IPv4- und einer IPv6-Adresse öffentlich erreichbar sein.
@ -154,7 +154,7 @@ export PASSWORD_STORE_DIR=...
## Aufsetzen eines neuen Gateways ## Aufsetzen eines neuen Gateways
- FQDN im Inventory zur Gruppe ffmwu-gateways hinzufügen - FQDN im Inventory zur Gruppe gateways hinzufügen
- Host-Variablen setzen - Host-Variablen setzen
- inventory/host_vars/$FQDN - inventory/host_vars/$FQDN

View file

@ -1,2 +1,2 @@
[ffmwu-servers] [buildservers]
milchreis.freifunk-mwu.de milchreis.freifunk-mwu.de

View file

@ -1,3 +1,3 @@
[ffmwu-dns] [dns]
kichererbse.freifunk-mwu.de kichererbse.freifunk-mwu.de
linse.freifunk-mwu.de linse.freifunk-mwu.de

View file

@ -1,4 +1,4 @@
[ffmwu-gateways] [gateways]
ingwer.freifunk-mwu.de ingwer.freifunk-mwu.de
lotuswurzel.freifunk-mwu.de lotuswurzel.freifunk-mwu.de
uffschnitt.freifunk-mwu.de uffschnitt.freifunk-mwu.de

View file

@ -34,9 +34,9 @@ public_prefixes:
bgp_ipv4_transfer_net_legacy: 10.37.0.0/18 bgp_ipv4_transfer_net_legacy: 10.37.0.0/18
bgp_ipv6_transfer_net_legacy: fd37:b4dc:4b1e::/64 bgp_ipv6_transfer_net_legacy: fd37:b4dc:4b1e::/64
bgp_groups: bgp_groups:
- ffmwu-gateways - gateways
- ffmwu-mesh-services - services
- ffmwu-monitoring - monitoring
wireguard_networks: wireguard_networks:
- ipv4: 10.87.253.0/31 - ipv4: 10.87.253.0/31
@ -181,13 +181,13 @@ wireguard_networks:
port: 50027 port: 50027
fastd_groups: fastd_groups:
- ffmwu-gateways - gateways
- ffmwu-monitoring - monitoring
prometheus_groups: prometheus_groups:
- ffmwu-gateways - gateways
- ffmwu-mesh-services - services
- ffmwu-monitoring - monitoring
node_exporter_opts: "--collector.systemd" node_exporter_opts: "--collector.systemd"

View file

@ -1,5 +1,5 @@
--- ---
server_type: "mesh-service" server_type: "service"
magic: 67 magic: 67

View file

@ -1,5 +1,5 @@
--- ---
server_type: "mesh-service" server_type: "service"
magic: 71 magic: 71

View file

@ -1,2 +1,2 @@
[ffmwu-monitoring] [monitoring]
suesskartoffel.freifunk-mwu.de suesskartoffel.freifunk-mwu.de

View file

@ -1,2 +1,2 @@
[ffmwu-build-servers] [servers]
milchreis.freifunk-mwu.de milchreis.freifunk-mwu.de

View file

@ -1,3 +1,3 @@
[ffmwu-mesh-services] [services]
kichererbse.freifunk-mwu.de kichererbse.freifunk-mwu.de
linse.freifunk-mwu.de linse.freifunk-mwu.de

View file

@ -1,2 +1,2 @@
[test-vms] [test_vms]
local-test-vm.ffmwu.local ansible_host=192.168.137.7 require_dns=False local-test-vm.ffmwu.local ansible_host=192.168.137.7 require_dns=False

View file

@ -1,7 +1,7 @@
#!/usr/bin/ansible-playbook #!/usr/bin/ansible-playbook
--- ---
- name: Manage firmware buid servers - name: Manage firmware buid servers
hosts: ffmwu-build-servers hosts: buildservers
roles: roles:
- prerequisites - prerequisites

View file

@ -1,7 +1,7 @@
#!/usr/bin/ansible-playbook #!/usr/bin/ansible-playbook
--- ---
- name: Manage Freifunk Gateways - name: Manage Freifunk Gateways
hosts: ffmwu-gateways hosts: gateways
roles: roles:
- prerequisites - prerequisites

View file

@ -1,7 +1,7 @@
#!/usr/bin/ansible-playbook #!/usr/bin/ansible-playbook
--- ---
- name: Manage Monitoring Server - name: Manage Monitoring Server
hosts: ffmwu-monitoring hosts: monitoring
roles: roles:
- prerequisites - prerequisites

View file

@ -1,7 +1,7 @@
#!/usr/bin/ansible-playbook #!/usr/bin/ansible-playbook
--- ---
- name: Manage Mesh Services Servers. - name: Manage Mesh Services Servers.
hosts: ffmwu-mesh-services hosts: services
roles: roles:
- server-apt-repos - server-apt-repos

View file

@ -2,6 +2,6 @@
--- ---
- import_playbook: gateways.yml - import_playbook: gateways.yml
- import_playbook: monitoring.yml - import_playbook: monitoring.yml
- import_playbook: mesh-services.yml - import_playbook: services.yml
- import_playbook: dns.yml - import_playbook: dns.yml
- import_playbook: firmware-build-server.yml - import_playbook: buildservers.yml

View file

@ -61,7 +61,7 @@
loop: "{{ sysctl_settings_routing_basic }}" loop: "{{ sysctl_settings_routing_basic }}"
- name: set sysctl settings for ip forwarding - name: set sysctl settings for ip forwarding
when: server_type == "gateway" or server_type == "mesh-service" or server_type == "monitoring" when: server_type == "gateway" or server_type == "service" or server_type == "monitoring"
sysctl: sysctl:
name: "{{ item.name }}" name: "{{ item.name }}"
value: "{{ item.value }}" value: "{{ item.value }}"

View file

@ -40,13 +40,13 @@ Unattended-Upgrade::Origins-Pattern {
"origin=Debian,codename=sid,archive=unstable"; "origin=Debian,codename=sid,archive=unstable";
"origin=Freifunk MWU,codename=${distro_codename},label=Freifunk MWU"; "origin=Freifunk MWU,codename=${distro_codename},label=Freifunk MWU";
"origin=nginx,codename=${distro_codename},label=nginx,archive=stable"; "origin=nginx,codename=${distro_codename},label=nginx,archive=stable";
{% if 'ffmwu-monitoring' in group_names %} {% if 'monitoring' in group_names %}
"origin=yarn,codename=stable,archive=stable,label=yarn-stable"; "origin=yarn,codename=stable,archive=stable,label=yarn-stable";
"origin=Node Source,codename=${distro_codename},label=Node Source"; "origin=Node Source,codename=${distro_codename},label=Node Source";
"origin=InfluxDB,codename=${distro_codename},label=InfluxDB"; "origin=InfluxDB,codename=${distro_codename},label=InfluxDB";
"origin=grafana stable,codename=stable,archive=stable,label=grafana stable"; "origin=grafana stable,codename=stable,archive=stable,label=grafana stable";
{% endif %} {% endif %}
{% if 'ffmwu-dns' in group_names %} {% if 'dns' in group_names %}
"origin=PowerDNS,label=PowerDNS"; "origin=PowerDNS,label=PowerDNS";
{% endif %} {% endif %}
}; };

View file

@ -8,20 +8,20 @@ BIND_IP = "127.0.0.1"
BIND_PORT = 5001 BIND_PORT = 5001
PROXY = { PROXY = {
{% for host in groups["ffmwu-gateways"] %} {% for host in groups["gateways"] %}
"{{ host.rsplit('.freifunk-mwu.de')[0] }}" : 5000, "{{ host.rsplit('.freifunk-mwu.de')[0] }}" : 5000,
{% endfor %} {% endfor %}
} }
# Used for bgpmap # Used for bgpmap
ROUTER_IP = { ROUTER_IP = {
{% for host in groups["ffmwu-gateways"] %} {% for host in groups["gateways"] %}
"{{ host.rsplit('.freifunk-mwu.de')[0] }}" : [ "{{ loopback_net_ipv4 | ipsubnet(32, hostvars[host]['magic']) | ipaddr('address') }}", "{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}" ], "{{ host.rsplit('.freifunk-mwu.de')[0] }}" : [ "{{ loopback_net_ipv4 | ipsubnet(32, hostvars[host]['magic']) | ipaddr('address') }}", "{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}" ],
{% endfor %} {% endfor %}
} }
AS_NUMBER = { AS_NUMBER = {
{% for host in groups["ffmwu-gateways"] %} {% for host in groups["gateways"] %}
"{{ host.rsplit('.freifunk-mwu.de')[0] }}" : "{{ as_private }}", "{{ host.rsplit('.freifunk-mwu.de')[0] }}" : "{{ as_private }}",
{% endfor %} {% endfor %}
} }

View file

@ -6,7 +6,7 @@ LOG_LEVEL="WARNING"
BIND_IP = "{{ loopback_net_ipv4 | ipsubnet(32, magic) | ipaddr('address') }}" BIND_IP = "{{ loopback_net_ipv4 | ipsubnet(32, magic) | ipaddr('address') }}"
BIND_PORT = 5000 BIND_PORT = 5000
ACCESS_LIST = [ {% for host in groups["ffmwu-monitoring"] %}"{{ loopback_net_ipv4 | ipsubnet(32, hostvars[host]['magic']) | ipaddr('address') }}"{% if not loop.last %}, {% endif %}{% endfor %} ] ACCESS_LIST = [ {% for host in groups["monitoring"] %}"{{ loopback_net_ipv4 | ipsubnet(32, hostvars[host]['magic']) | ipaddr('address') }}"{% if not loop.last %}, {% endif %}{% endfor %} ]
# ??? # ???
IPV4_SOURCE = "10.207.0.37" IPV4_SOURCE = "10.207.0.37"

View file

@ -116,7 +116,7 @@ protocol kernel kernel_mwu {
if is_mwu_loopback() then accept; if is_mwu_loopback() then accept;
reject; reject;
}; };
merge paths yes limit {{ groups['ffmwu-gateways'] | length }}; merge paths yes limit {{ groups['gateways'] | length }};
kernel table ipt_mwu; kernel table ipt_mwu;
}; };

View file

@ -98,13 +98,13 @@ protocol kernel kernel_mwu {
{% else %} {% else %}
if is_mwu_anycast() then accept; if is_mwu_anycast() then accept;
{% endif %} {% endif %}
{% if server_type == "mesh-service" %} {% if server_type == "service" %}
if is_ula() then accept; if is_ula() then accept;
{% endif %} {% endif %}
if is_mwu_loopback() then accept; if is_mwu_loopback() then accept;
reject; reject;
}; };
merge paths yes limit {{ groups['ffmwu-gateways'] | length }}; merge paths yes limit {{ groups['gateways'] | length }};
kernel table ipt_mwu; kernel table ipt_mwu;
}; };

View file

@ -10,7 +10,7 @@ fastd_keys: '{{ git_path }}/peers-ffmwu'
key_ttl: 900 key_ttl: 900
gateways: gateways:
{% for gateway in groups['ffmwu-gateways'] %} {% for gateway in groups['gateways'] %}
- {{ gateway.rsplit('.freifunk-mwu.de')[0] }} - {{ gateway.rsplit('.freifunk-mwu.de')[0] }}
{% endfor %} {% endfor %}

View file

@ -13,7 +13,7 @@ server {
allow 127.0.0.0/8; allow 127.0.0.0/8;
allow ::1/128; allow ::1/128;
{% for group in ['ffmwu-monitoring', 'ffmwu-gateways'] %} {% for group in ['monitoring', 'gateways'] %}
{% for host in groups[group] %} {% for host in groups[group] %}
allow {{ lookup('dig', host, 'qtype=A') }}; allow {{ lookup('dig', host, 'qtype=A') }};
allow {{ lookup('dig', host, 'qtype=AAAA') }}; allow {{ lookup('dig', host, 'qtype=AAAA') }};

View file

@ -13,7 +13,7 @@ server {
allow 127.0.0.0/8; allow 127.0.0.0/8;
allow ::1/128; allow ::1/128;
{% for host in groups['ffmwu-monitoring'] %} {% for host in groups['monitoring'] %}
allow {{ lookup('dig', host, 'qtype=A') }}; allow {{ lookup('dig', host, 'qtype=A') }};
allow {{ lookup('dig', host, 'qtype=AAAA') }}; allow {{ lookup('dig', host, 'qtype=AAAA') }};
deny all; deny all;

View file

@ -47,7 +47,7 @@ scrape_configs:
scheme: "https" scheme: "https"
static_configs: static_configs:
- targets: - targets:
{% for host in groups['ffmwu-gateways'] %} {% for host in groups['gateways'] %}
- '{{ host }}:9281' - '{{ host }}:9281'
{% endfor %} {% endfor %}
relabel_configs: relabel_configs: