aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ansible/conflatorio.yml12
-rw-r--r--ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key1
-rw-r--r--ansible/group_vars/all/wireguard_wg-edipost.yml7
-rw-r--r--ansible/group_vars/conflatorio-lxc.yml1
-rw-r--r--ansible/inventory20
-rw-r--r--ansible/roles/lxc-machine/tasks/main.yml50
-rw-r--r--ansible/wireguard.yml8
7 files changed, 63 insertions, 36 deletions
diff --git a/ansible/conflatorio.yml b/ansible/conflatorio.yml
new file mode 100644
index 0000000..9d3a832
--- /dev/null
+++ b/ansible/conflatorio.yml
@@ -0,0 +1,12 @@
+- hosts:
+ - conflatorio-lxc
+ roles:
+ - lusers
+ - superusers
+ - lxc-machine
+ - role: packages
+ become: yes
+ tags: packages
+ - role: trygvis-base
+ become: yes
+ tags: trygvis-base
diff --git a/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key b/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key
new file mode 100644
index 0000000..dd3609c
--- /dev/null
+++ b/ansible/files/conflatorio/etc/wireguard/public-wg-edipost.key
@@ -0,0 +1 @@
+JwZ1bmkuCvZfzzVzWqpEt5+NRAQ/B3ciURg2Gg5jdVw=
diff --git a/ansible/group_vars/all/wireguard_wg-edipost.yml b/ansible/group_vars/all/wireguard_wg-edipost.yml
new file mode 100644
index 0000000..449f031
--- /dev/null
+++ b/ansible/group_vars/all/wireguard_wg-edipost.yml
@@ -0,0 +1,7 @@
+wireguard-wg-edipost:
+ if: wg-edipost
+ ipv4_prefix: 24
+ hosts:
+ conflatorio:
+ state: present
+ ipv4: 192.168.100.2
diff --git a/ansible/group_vars/conflatorio-lxc.yml b/ansible/group_vars/conflatorio-lxc.yml
new file mode 100644
index 0000000..02f7f9f
--- /dev/null
+++ b/ansible/group_vars/conflatorio-lxc.yml
@@ -0,0 +1 @@
+packages__version: stretch
diff --git a/ansible/inventory b/ansible/inventory
index f9bf9a2..1824e7f 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -22,6 +22,17 @@ all:
ansible_host: 192.168.10.201
unifi:
ansible_host: 192.168.10.202
+ conflatorio-test1:
+ ansible_host: "fd56:1ae9:097d:3ddd:6c53:1011:3bad:9498"
+ conflatorio-test2:
+ ansible_host: "fd56:1ae9:097d:3ddd:4c96:be16:9e04:c110"
+ conflatorio-test3:
+ ansible_host: "fd56:1ae9:097d:3ddd:02df:da1d:ccb7:97b9"
+ conflatorio-test4:
+ ansible_host: "fd56:1ae9:097d:3ddd:ecd7:7f0a:79cd:343c"
+ conflatorio-test5:
+ ansible_host: "fd56:1ae9:097d:3ddd:5375:e67b:7878:310d"
+
children:
workstation:
children:
@@ -49,11 +60,20 @@ all:
malabaricus:
nextcloud:
numquam:
+ children:
+ conflatorio-lxc:
lxc-hosts:
hosts:
arius:
birgitte:
conflatorio:
+ conflatorio-lxc:
+ hosts:
+ conflatorio-test1:
+ conflatorio-test2:
+ conflatorio-test3:
+ conflatorio-test4:
+ conflatorio-test5:
linode-dns-update:
hosts:
akysis:
diff --git a/ansible/roles/lxc-machine/tasks/main.yml b/ansible/roles/lxc-machine/tasks/main.yml
index 591b317..f6e927c 100644
--- a/ansible/roles/lxc-machine/tasks/main.yml
+++ b/ansible/roles/lxc-machine/tasks/main.yml
@@ -1,39 +1,23 @@
-- tags: enable-ipv6
- file:
- path: "/etc/sysctl.d/{{ item }}"
- state: absent
- notify: restart sysctl
- with_items:
- - 99-ipv6.conf
- - 99-enable-ipv6.conf
- - 99-disable-ipv6.conf
-
-- name: /etc/hosts
- copy:
- dest: /etc/hosts
- content: |
- 127.0.0.1 localhost
- 127.0.1.1 {{ ansible_ssh_extra_args }}.trygvis.io {{ ansible_ssh_extra_args }}
-
- # The following lines are desirable for IPv6 capable hosts
- ::1 localhost ip6-localhost ip6-loopback
- ff02::1 ip6-allnodes
- ff02::2 ip6-allrouters
-
- name: Remove default network setup packages
apt:
- name: "{{ item }}"
+ name: "{{ items }}"
state: absent
purge: true
- with_items:
- - ifupdown
- - net-tools
- - iproute2
- - isc-dhcp-client
+ vars:
+ items:
+ - ifupdown
+ - net-tools
+ - isc-dhcp-client
+
+- name: Remove default network setup packages
+ apt:
+ name: "{{ items }}"
+ install_recommends: no
+ vars:
+ items:
+ - iproute2
- name: system setup
- tags:
- - packages
block:
- name: misc packages
apt:
@@ -41,9 +25,3 @@
install_recommends: no
with_items:
- systemd-cron
- - ca-certificates
- - unzip
- - sudo
- - vim
- - less
- - ack
diff --git a/ansible/wireguard.yml b/ansible/wireguard.yml
index f22445d..1377834 100644
--- a/ansible/wireguard.yml
+++ b/ansible/wireguard.yml
@@ -29,5 +29,13 @@
roles:
- role: wireguard
wireguard__name: wireguard-wg-hesland
+ wireguard__state: absent
+
+- hosts:
+ - wireguard_edipost
+ tags: wg-edipost
+ roles:
+ - role: wireguard
+ wireguard__name: wireguard-wg-edipost
vars:
wg_net: "{{ hostvars[ansible_hostname][wireguard__name] }}"