ansible-ffibk/inventory/group_vars/all
Tobias Hachmer 869dd5b62a
Migrate internal DNS master to PowerDNS
* Add playbook dns to manage internal dns master servers
 * Add role to manage PowerDNS Admin Web Frontend for PowerDNS
 * Move dns zone related data from mesh list to a simpler dict with a simple zone list
 * Update role service-bind-slave
 * Update Readme.md
 * Add requirements.yml
 * Update .gitignore
2019-03-20 19:43:11 +01:00

708 lines
15 KiB
Text

---
ansible_version_minimum: "2.6"
debug_fastd: False
site_code: ffmwu
site_name: "Mainz, Wiesbaden und Umgebung"
as_private: 65037
as_public_ffrl: 201701
internet_exit_tcp_mss_ipv4: 1240
internet_exit_tcp_mss_ipv6: 1220
icvpn_ipv4_transfer_net: 10.207.0.0/16
icvpn_ipv6_transfer_net: fec0::a:cf:0:0/96
loopback_net_ipv4: 10.87.255.0/24
loopback_net_ipv6: fd86:b4dc:4b1e:00ff::/64
anycast_ipv4: 10.87.255.255/32
anycast_ipv6: fd86:b4dc:4b1e:00ff:ffff:ffff:ffff:ffff/128
internal_prefixes:
- ipv4: 10.37.0.0/16
ipv6: fd37:b4dc:4b1e::/48
- ipv4: 10.56.0.0/16
ipv6: fd56:b4dc:4b1e::/48
- ipv4: 10.86.0.0/15
ipv6: fd86:b4dc:4b1e::/48
public_prefixes:
- ipv6: 2a03:2260:11a::/48
- ipv6: 2a03:2260:11b::/48
bgp_ipv4_transfer_net_legacy: 10.37.0.0/18
bgp_ipv6_transfer_net_legacy: fd37:b4dc:4b1e::/64
bgp_groups:
- ffmwu-gateways
- ffmwu-mesh-services
- ffmwu-monitoring
wireguard_networks:
- ipv4: 10.87.253.0/31
ipv6: fd86:b4dc:4b1e:fd::/127
peers:
- lotuswurzel
- spinat
port: 50000
- ipv4: 10.87.253.2/31
ipv6: fd86:b4dc:4b1e:fd::2/127
peers:
- lotuswurzel
- wasserfloh
port: 50001
- ipv4: 10.87.253.4/31
ipv6: fd86:b4dc:4b1e:fd::4/127
peers:
- lotuswurzel
- uffschnitt
port: 50002
- ipv4: 10.87.253.6/31
ipv6: fd86:b4dc:4b1e:fd::6/127
peers:
- lotuswurzel
- ingwer
port: 50003
- ipv4: 10.87.253.8/31
ipv6: fd86:b4dc:4b1e:fd::8/127
peers:
- spinat
- wasserfloh
port: 50004
- ipv4: 10.87.253.10/31
ipv6: fd86:b4dc:4b1e:fd::a/127
peers:
- spinat
- uffschnitt
port: 50005
- ipv4: 10.87.253.12/31
ipv6: fd86:b4dc:4b1e:fd::c/127
peers:
- spinat
- ingwer
port: 50006
- ipv4: 10.87.253.14/31
ipv6: fd86:b4dc:4b1e:fd::e/127
peers:
- ingwer
- wasserfloh
port: 50007
- ipv4: 10.87.253.16/31
ipv6: fd86:b4dc:4b1e:fd::10/127
peers:
- wasserfloh
- uffschnitt
port: 50008
- ipv4: 10.87.253.18/31
ipv6: fd86:b4dc:4b1e:fd::12/127
peers:
- ingwer
- uffschnitt
port: 50009
- ipv4: 10.87.253.20/31
ipv6: fd86:b4dc:4b1e:fd::14/127
peers:
- lotuswurzel
- kichererbse
port: 50010
# - ipv4: 10.87.253.22/31
# ipv6: fd86:b4dc:4b1e:fd::16/127
# peers:
# - lotuswurzel
# - zuckerwatte
# port: 50011
# - ipv4: 10.87.253.24/31
# ipv6: fd86:b4dc:4b1e:fd::18/127
# peers:
# - lotuswurzel
# - glueckskeks
# port: 50012
# - ipv4: 10.87.253.26/31
# ipv6: fd86:b4dc:4b1e:fd::1a/127
# peers:
# - lotuswurzel
# - aubergine
# port: 50013
- ipv4: 10.87.253.28/31
ipv6: fd86:b4dc:4b1e:fd::1c/127
peers:
- spinat
- kichererbse
port: 50014
# - ipv4: 10.87.253.30/31
# ipv6: fd86:b4dc:4b1e:fd::1e/127
# peers:
# - spinat
# - zuckerwatte
# port: 50015
# - ipv4: 10.87.253.32/31
# ipv6: fd86:b4dc:4b1e:fd::20/127
# peers:
# - spinat
# - glueckskeks
# port: 50016
# - ipv4: 10.87.253.34/31
# ipv6: fd86:b4dc:4b1e:fd::22/127
# peers:
# - spinat
# - aubergine
# port: 50017
- ipv4: 10.87.253.36/31
ipv6: fd86:b4dc:4b1e:fd::24/127
peers:
- wasserfloh
- kichererbse
port: 50018
# - ipv4: 10.87.253.38/31
# ipv6: fd86:b4dc:4b1e:fd::26/127
# peers:
# - wasserfloh
# - zuckerwatte
# port: 50019
# - ipv4: 10.87.253.40/31
# ipv6: fd86:b4dc:4b1e:fd::28/127
# peers:
# - wasserfloh
# - glueckskeks
# port: 50020
# - ipv4: 10.87.253.42/31
# ipv6: fd86:b4dc:4b1e:fd::2a/127
# peers:
# - wasserfloh
# - aubergine
# port: 50021
- ipv4: 10.87.253.44/31
ipv6: fd86:b4dc:4b1e:fd::2c/127
peers:
- uffschnitt
- kichererbse
port: 50022
# - ipv4: 10.87.253.46/31
# ipv6: fd86:b4dc:4b1e:fd::2e/127
# peers:
# - uffschnitt
# - zuckerwatte
# port: 50023
# - ipv4: 10.87.253.48/31
# ipv6: fd86:b4dc:4b1e:fd::30/127
# peers:
# - uffschnitt
# - glueckskeks
# port: 50024
# - ipv4: 10.87.253.50/31
# ipv6: fd86:b4dc:4b1e:fd::32/127
# peers:
# - uffschnitt
# - aubergine
# port: 50025
- ipv4: 10.87.253.52/31
ipv6: fd86:b4dc:4b1e:fd::34/127
peers:
- ingwer
- kichererbse
port: 50026
# - ipv4: 10.87.253.54/31
# ipv6: fd86:b4dc:4b1e:fd::36/127
# peers:
# - ingwer
# - zuckerwatte
# port: 50027
# - ipv4: 10.87.253.56/31
# ipv6: fd86:b4dc:4b1e:fd::38/127
# peers:
# - ingwer
# - glueckskeks
# port: 50028
# - ipv4: 10.87.253.58/31
# ipv6: fd86:b4dc:4b1e:fd::3a/127
# peers:
# - ingwer
# - aubergine
# port: 50029
- ipv4: 10.87.253.60/31
ipv6: fd86:b4dc:4b1e:fd::34/127
peers:
- lotuswurzel
- suesskartoffel
port: 50030
- ipv4: 10.87.253.62/31
ipv6: fd86:b4dc:4b1e:fd::36/127
peers:
- spinat
- suesskartoffel
port: 50031
- ipv4: 10.87.253.64/31
ipv6: fd86:b4dc:4b1e:fd::38/127
peers:
- ingwer
- suesskartoffel
port: 50032
- ipv4: 10.87.253.66/31
ipv6: fd86:b4dc:4b1e:fd::3a/127
peers:
- wasserfloh
- suesskartoffel
port: 50033
- ipv4: 10.87.253.68/31
ipv6: fd86:b4dc:4b1e:fd::3c/127
peers:
- uffschnitt
- suesskartoffel
port: 50034
- ipv4: 10.87.253.70/31
ipv6: fd86:b4dc:4b1e:fd::3e/127
peers:
- kichererbse
- suesskartoffel
port: 50036
fastd_groups:
- ffmwu-gateways
- ffmwu-monitoring
prometheus_groups:
- ffmwu-gateways
- ffmwu-mesh-services
- ffmwu-monitoring
node_exporter_opts: "--collector.systemd"
http_domain_internal: ffmwu.org
http_domain_external: freifunk-mwu.de
mail_domain: freifunk-mwu.de
acme_server: zuckerwatte
git_path: "/home/admin/clones"
gopath: "/opt/go"
meshes:
- id: dom0
domain_number: 0
domain_code: dom0
domain_name: Domain 0
aliases:
umland: Umland
ipv4_network: 10.86.0.0/20
ipv6_ula:
- fd86:b4dc:4b1e::/64
ipv6_public:
- 2a03:2260:11a:ff::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom0vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom0igvpn
- id: dom1
domain_number: 1
domain_code: dom1
domain_name: Domain 1
aliases:
mainz: Mainz
ipv4_network: 10.86.16.0/20
ipv6_ula:
- fd86:b4dc:4b1e:1::/64
ipv6_public:
- 2a03:2260:11a:1::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom1vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom1igvpn
- id: dom2
domain_number: 2
domain_code: dom2
domain_name: Domain 2
aliases:
wiesbaden: Wiesbaden
ipv4_network: 10.86.32.0/20
ipv6_ula:
- fd86:b4dc:4b1e:2::/64
ipv6_public:
- 2a03:2260:11a:2::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom2vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom2igvpn
- id: dom3
domain_number: 3
domain_code: dom3
domain_name: Domain 3
aliases:
bingen: Bingen
ipv4_network: 10.86.48.0/20
ipv6_ula:
- fd86:b4dc:4b1e:3::/64
ipv6_public:
- 2a03:2260:11a:3::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom3vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom3igvpn
- id: dom4
domain_number: 4
domain_code: dom4
domain_name: Domain 4
aliases:
rheingau: Rheingau
ipv4_network: 10.86.64.0/20
ipv6_ula:
- fd86:b4dc:4b1e:4::/64
ipv6_public:
- 2a03:2260:11a:4::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom4vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom4igvpn
- id: dom5
domain_number: 5
domain_code: dom5
domain_name: Domain 5
aliases:
taunus: Taunus
ipv4_network: 10.86.80.0/20
ipv6_ula:
- fd86:b4dc:4b1e:5::/64
ipv6_public:
- 2a03:2260:11a:5::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom5vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom5igvpn
- id: dom6
domain_number: 6
domain_code: dom6
domain_name: Domain 6
aliases:
limburg: Limburg
ipv4_network: 10.86.96.0/20
ipv6_ula:
- fd86:b4dc:4b1e:6::/64
ipv6_public:
- 2a03:2260:11a:6::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom6vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom6igvpn
- id: dom7
domain_number: 7
domain_code: dom7
domain_name: Domain 7
aliases:
weilrod: Weilrod
ipv4_network: 10.86.112.0/20
ipv6_ula:
- fd86:b4dc:4b1e:7::/64
ipv6_public:
- 2a03:2260:11a:7::/64
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
pass: fastd/dom7vpn
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
backbone:
instances:
- id: 0
mtu: 1406
pass: fastd/dom7igvpn
- id: mz
legacy: true
domain_number: 37
domain_code: ffmz
domain_name: Mainz
aliases:
ffbin: "Bingen (legacy)"
ffrhg: "Rheingau (legacy)"
ipv4_network: 10.37.0.0/18
ipv6_ula:
- fd37:b4dc:4b1e::/64
ipv6_public:
- 2a03:2260:11a::/64
dnssl:
- ffmz.org
- user.ffmz.org
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 86400
advpreferredlifetime: 14400
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
pass: fastd/mzvpn
backbone:
instances:
- id: 0
mtu: 1406
peers:
repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git
version: master
pass: fastd/mzigvpn
http_domain_internal: ffmz.org
http_domain_external: freifunk-mainz.de
- id: wi
legacy: true
domain_number: 56
domain_code: ffwi
domain_name: Wiesbaden
aliases:
ffta: "Taunus (legacy)"
ipv4_network: 10.56.0.0/18
ipv6_ula:
- fd56:b4dc:4b1e::/64
ipv6_public:
- 2a03:2260:11b::/64
dnssl:
- ffwi.org
- user.ffwi.org
batman:
it: 10000
gw: server 96mbit/96mbit
mm: 0
dat: 1
hop_penalty: 60
radvd:
maxrtradvinterval: 900
advvalidlifetime: 864000
advpreferredlifetime: 172800
iface_mtu: 1350
fastd:
nodes:
instances:
- id: 0
mtu: 1406
peers:
repo: https://github.com/freifunk-mwu/peers-ffmwu.git
version: master
pass: fastd/wivpn
backbone:
instances:
- id: 0
mtu: 1406
peers:
repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git
version: master
pass: fastd/wiigvpn
http_domain_internal: ffwi.org
http_domain_external: wiesbaden.freifunk.net
icvpn:
prefix: mwu
interface: icvpn
icvpn_repo: https://github.com/freifunk/icvpn
bgp_legacy_servers:
zuckerwatte:
ipv4: 10.37.1.2
ipv6: fd37:b4dc:4b1e::a25:102
aubergine:
ipv4: 10.37.1.3
ipv6: fd37:b4dc:4b1e::a25:103
glueckskeks:
ipv4: 10.37.1.1
ipv6: fd37:b4dc:4b1e::a25:101
extrasahne:
ipv4: 10.37.0.42
ipv6: fd37:b4dc:4b1e::a25:2a
dns_internal:
master_ipv4: 10.87.255.67
master_ipv6: fd86:b4dc:4b1e:ff::43
zones:
- ffmwu.org
- ffmz.org
- ffwi.org
- bb.ffmz.org
- bb.ffwi.org
- user.ffmz.org
- user.ffwi.org
- ffbin
- 37.10.in-addr.arpa
- 56.10.in-addr.arpa
- 86.10.in-addr.arpa
- 87.10.in-addr.arpa
- 0.0.0.0.e.1.b.4.c.d.4.b.7.3.d.f.ip6.arpa
- 0.0.0.0.e.1.b.4.c.d.4.b.6.5.d.f.ip6.arpa
- e.1.b.4.c.d.4.b.6.8.d.f.ip6.arpa