diff options
Diffstat (limited to 'ansible')
| -rw-r--r-- | ansible/group_vars/all/ipam.yml | 18 | ||||
| -rw-r--r-- | ansible/host_vars/danneri/systemd-networkd.yml | 2 | ||||
| -rw-r--r-- | ansible/host_vars/lhn2pi/all.yml | 2 | ||||
| -rw-r--r-- | ansible/inventory | 2 | ||||
| -rw-r--r-- | ansible/plays/danneri.yml | 14 | ||||
| -rw-r--r-- | ansible/plays/files/danneri/systemd-networkd/enp1s0.network | 6 | ||||
| -rw-r--r-- | ansible/plays/lhn2pi.yml | 4 | ||||
| -rw-r--r-- | ansible/plays/templates/danneri/systemd-networkd/enp1s0.network | 8 | ||||
| -rw-r--r-- | ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network | 7 | ||||
| -rw-r--r-- | ansible/prometheus/deploy-config.yml | 19 | ||||
| -rw-r--r-- | ansible/prometheus/files/conflatorio/prometheus.yml | 25 | ||||
| -rw-r--r-- | ansible/roles/systemd-networkd/handlers/main.yml | 5 | ||||
| -rw-r--r-- | ansible/roles/systemd-networkd/tasks/main.yml | 17 |
13 files changed, 119 insertions, 10 deletions
diff --git a/ansible/group_vars/all/ipam.yml b/ansible/group_vars/all/ipam.yml index 2f9bed1..6c61600 100644 --- a/ansible/group_vars/all/ipam.yml +++ b/ansible/group_vars/all/ipam.yml @@ -14,7 +14,7 @@ ipam6: description: Internal network on host range: "fdb1:4242:3538:2001::/64" hosts: - - conflatorio-ix: "fdb1:4242:3538:2001::ffff/64" + conflatorio-ix: "fdb1:4242:3538:2001::ffff/64" conflatorio_docker: range: "fdb1:4242:3538:2001:1001::/112" node1_dn42: @@ -24,14 +24,24 @@ ipam6: knot_dn42: range: "fdb1:4242:3538:2004::/64" hosts: - - knot: "fdb1:4242:3538:2004::ffff/64" + knot: "fdb1:4242:3538:2004::ffff/64" coregonus_dn42: range: "fdb1:4242:3538:2005::/64" hosts: - - coregonus-ix: "fdb1:4242:3538:2005::ffff/64" + coregonus-ix: "fdb1:4242:3538:2005::ffff/64" + danneri: "fdb1:4242:3538:2005:9422:d355:95b7:f170" coregonus_docker: range: "fdb1:4242:3538:2005:df01:676a:ec28:0a00/120" kv24_dn42: range: "fdb1:4242:3538:2006::/64" hosts: - - kv24ix: "fdb1:4242:3538:2006::ffff/64" + kv24ix: "fdb1:4242:3538:2006::ffff/64" + conflatorio_dn42_2: + range: "fdb1:4242:3538:2007:1001::/112" + lhn2_dn42: + range: "fdb1:4242:3538:2008::/64" + hosts: + lhn2pi: "fdb1:4242:3538:2008::ffff/64" + + dn42: + range: "fd00::/8" diff --git a/ansible/host_vars/danneri/systemd-networkd.yml b/ansible/host_vars/danneri/systemd-networkd.yml new file mode 100644 index 0000000..023e276 --- /dev/null +++ b/ansible/host_vars/danneri/systemd-networkd.yml @@ -0,0 +1,2 @@ +systemd_networkd__files: + - danneri/systemd-networkd/enp1s0.network diff --git a/ansible/host_vars/lhn2pi/all.yml b/ansible/host_vars/lhn2pi/all.yml new file mode 100644 index 0000000..447906a --- /dev/null +++ b/ansible/host_vars/lhn2pi/all.yml @@ -0,0 +1,2 @@ +systemd_networkd__files: + - lhn2pi/systemd/network/10-eth0.network diff --git a/ansible/inventory b/ansible/inventory index a21cbc9..845580f 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -46,6 +46,8 @@ all: kv24ix: coregonus: ansible_host: 192.168.10.190 + danneri: + ansible_host: 192.168.100.103 node1: ansible_host: 9859f51e-1e3e-4c05-a826-b7fbe18d91be.pub.instances.scw.cloud diff --git a/ansible/plays/danneri.yml b/ansible/plays/danneri.yml new file mode 100644 index 0000000..2e960ee --- /dev/null +++ b/ansible/plays/danneri.yml @@ -0,0 +1,14 @@ +- hosts: + - danneri + tasks: + - import_role: + name: systemd-networkd + + - meta: flush_handlers + + - become: yes + apt: + name: + - etckeeper + - import_role: + name: timezone diff --git a/ansible/plays/files/danneri/systemd-networkd/enp1s0.network b/ansible/plays/files/danneri/systemd-networkd/enp1s0.network new file mode 100644 index 0000000..7e12c2e --- /dev/null +++ b/ansible/plays/files/danneri/systemd-networkd/enp1s0.network @@ -0,0 +1,6 @@ +[Match] +Name=enp1s0 + +[Network] +DHCP=yes +IPv6AcceptRA=true diff --git a/ansible/plays/lhn2pi.yml b/ansible/plays/lhn2pi.yml new file mode 100644 index 0000000..614b926 --- /dev/null +++ b/ansible/plays/lhn2pi.yml @@ -0,0 +1,4 @@ +- hosts: + - lhn2pi + roles: + - systemd-networkd diff --git a/ansible/plays/templates/danneri/systemd-networkd/enp1s0.network b/ansible/plays/templates/danneri/systemd-networkd/enp1s0.network new file mode 100644 index 0000000..a4c84ee --- /dev/null +++ b/ansible/plays/templates/danneri/systemd-networkd/enp1s0.network @@ -0,0 +1,8 @@ +[Match] +Name=enp1s0 + +[Network] +DHCP=ipv4 + +[IPv6AcceptRA] +Token=static:{{ ipam6.networks.coregonus_dn42.hosts.danneri }} diff --git a/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network b/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network new file mode 100644 index 0000000..f17b3f9 --- /dev/null +++ b/ansible/plays/templates/lhn2pi/systemd/network/10-eth0.network @@ -0,0 +1,7 @@ +[Match] +Name=eth0 + +[Network] +DHCP=ipv4 +Address={{ ipam6.networks.lhn2_dn42.hosts.lhn2pi }} +# IPv6Forwarding=yes # needs newer systemd diff --git a/ansible/prometheus/deploy-config.yml b/ansible/prometheus/deploy-config.yml new file mode 100644 index 0000000..472d05c --- /dev/null +++ b/ansible/prometheus/deploy-config.yml @@ -0,0 +1,19 @@ +- hosts: + - conflatorio + tasks: + - become: yes + file: + path: /etc/docker-service/prometheus + state: directory + owner: root + group: root + + - become: yes + notify: reload prometheus + copy: + dest: /etc/docker-service/prometheus/prometheus.yml + src: "{{ inventory_hostname }}/prometheus.yml" + + handlers: + - name: reload prometheus + shell: docker kill --signal HUP prometheus diff --git a/ansible/prometheus/files/conflatorio/prometheus.yml b/ansible/prometheus/files/conflatorio/prometheus.yml new file mode 100644 index 0000000..9fc1316 --- /dev/null +++ b/ansible/prometheus/files/conflatorio/prometheus.yml @@ -0,0 +1,25 @@ +global: + scrape_interval: 15s + evaluation_interval: 15s + +rule_files: + # - "first.rules" + # - "second.rules" + +scrape_configs: + - job_name: prometheus + static_configs: + - targets: ['localhost:9090'] + + - job_name: node + static_configs: + - targets: + - "knot.vpn.trygvis.io:9100" + - "hash.vpn.trygvis.io:9323" + - "conflatorio.vpn.trygvis.io:9100" + + - job_name: bird + static_configs: + - targets: + - "knot.vpn.trygvis.io:9324" + - "conflatorio.vpn.trygvis.io:9324" diff --git a/ansible/roles/systemd-networkd/handlers/main.yml b/ansible/roles/systemd-networkd/handlers/main.yml index 9656da4..c9b2603 100644 --- a/ansible/roles/systemd-networkd/handlers/main.yml +++ b/ansible/roles/systemd-networkd/handlers/main.yml @@ -1,4 +1,5 @@ -- name: restart +- name: reload + become: yes systemd: name: systemd-networkd - state: restarted + state: reloaded diff --git a/ansible/roles/systemd-networkd/tasks/main.yml b/ansible/roles/systemd-networkd/tasks/main.yml index 13c167b..aed4168 100644 --- a/ansible/roles/systemd-networkd/tasks/main.yml +++ b/ansible/roles/systemd-networkd/tasks/main.yml @@ -1,9 +1,18 @@ -- systemd: +- become: yes + systemd: name: systemd-networkd state: started enabled: yes -- loop: "{{ systemd_networkd__files | default([]) }}" - copy: +- name: mkdir /etc/systemd/network + become: yes + file: + path: "/etc/systemd/network" + state: directory + owner: systemd-network + group: systemd-network +- become: yes + loop: "{{ systemd_networkd__files | default([]) }}" + template: src: "{{ item }}" dest: "/etc/systemd/network/{{ item | basename }}" - notify: restart + notify: reload |