Kapisi/examples/msn0.yml

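---
# Example Ansible inventory for the MSN0 site.
# Layout: site-wide settings live under all.vars; hosts are grouped under
# all.children.managed (physical, virtual, geth_hubs) and
# all.children.unmanaged (ovas, test_ovas, appliances, adhoc_appliances, iot).
all:
  vars:
    # Environment-wide data
    external_domain: aninix.net
    replica_domain: "MSN0.AniNIX.net"
    time_zone: "America/Chicago"
    # Services used by all
    router: 10.0.1.1
    netmask: 24
    dhcprange: '10.0.1.224,10.0.1.254,255.255.255.0,12h'
    staticrange: '10.0.1.1,10.0.1.223,255.255.255.0,12h'
    dns: "10.0.1.2"
    logserver: "10.0.1.16"
    webfront: "10.0.1.3"
    # Plain-HTTP package mirror: the transport is unauthenticated, so package
    # integrity rests on client-side signature verification (pacman SigLevel).
    # NOTE(review): confirm signature checking is enforced on every client.
    mirroruri: "http://Maat.MSN0.AniNIX.net:9129/repo/archlinux/$repo/os/$arch"
    # Standards
    daemon_shell: /sbin/nologin
    user_shell: /bin/bash
    # Privilege escalation defaults: become root through sudo.
    ansible_become_method: sudo
    ansible_become_user: root
    # Site default; hosts that set `static: true` below override it.
    static: false
    wireless_ssid: 'Shadowfeed'
    ansible_python_interpreter: auto_silent
    ldap:
      server: "10.0.1.3"
      orgdn: "dc=aninix,dc=net"
      # Bind account name only; no bind credential appears in this file.
      # NOTE(review): presumably supplied from a vault -- verify.
      binduser: 'binduser'
      userou: 'ou=People'
    organization:  # Information about the group
      admin: 'DarkFeather'
      email: 'ircs://irc.aninix.net:6697/DarkFeather'
      displayname: 'AniNIX'
      gpgkey: '904DE6275579CB589D85720C1CC1E3F4ED06F296'
    ssl:  # Standard SSL/TLS cryptographic settings
      identity: 'aninix.net-0001'  # The Let's Encrypt identity to use
      # OpenSSL cipher-list syntax. The `!` terms remove cipher suites; they do
      # not disable protocol versions, which each service must restrict in its
      # own TLS configuration.
      # NOTE(review): AES256+EECDH and AES256+EDH may also admit CBC-mode
      # suites alongside the AES-GCM ones -- confirm that is intended.
      ciphersuite: "!NULL:!SSLv2:!SSLv3:!TLSv1:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
  children:
    managed:
      children:
        physical:  # 10.0.1.0/28
          hosts:
            Nazara:
              ipinterface: eth0
              ip: 10.0.1.2
              mac: B8:27:EB:B6:AA:0C
              static: true
            Node1:
              ipinterface: enp1s0
              ip: 10.0.1.5
              mac: FA:EC:43:87:4D:2D
              tap: true
              ups: 'aps'
            Node2:
              ipinterface: enp1s0
              ip: 10.0.1.7
              mac: 56:02:ef:2c:1f:7c
              tap: true
              ups: 'cyberpower'
            Node3:
              ipinterface: enp1s0
              ip: 10.0.1.8
              mac: B2:C6:2C:02:B2:6E
              tap: true
            Nodelet0:
              ipinterface: eth0
              ip: 10.0.1.9
              mac: b8:27:eb:9a:73:dd
              static: true
              k3s_primary: true
            Nodelet1:
              ipinterface: eth0
              ip: 10.0.1.10
              mac: E4:5F:01:01:FF:9C
              static: true
            Nodelet2:
              ipinterface: eth0
              ip: 10.0.1.11
              mac: E4:5F:01:01:FF:D5
              static: true
            Nodelet3:
              ipinterface: eth0
              ip: 10.0.1.12
              mac: E4:5F:01:01:FF:96
              static: true
            Nodelet4:
              ipinterface: eth0
              ip: 10.0.1.13
              mac: E4:5F:01:01:FF:E4
              static: true
        virtual:  # 10.0.1.16/28
          # Explicit empty mapping instead of a bare key (which parses as null).
          vars: {}
          hosts:
            # Each `disks` entry is a string of QEMU drive arguments.
            # NOTE(review): presumably spliced verbatim into the VM launch
            # command, so write access to this inventory controls those
            # arguments -- verify how the consuming role quotes them.
            Sharingan:
              node: Node2
              ip: 10.0.1.16
              ipinterface: ens3
              mac: 00:15:5D:01:02:10
              cores: 4
              memory: 4
              # NOTE(review): if `vnc` selects a QEMU VNC display, confirm the
              # listener is bound to a management address and authenticated.
              vnc: 8
              bridge: br0
              uefi: true
              siem: true
              disks:
                - '-drive format=raw,index=0,media=disk,file=/dev/sdc'
              # On hold because of https://aninix.net/DarkFeather/MSN0/issues/6
              # NOTE(review): if this pins the packages at their current
              # versions, they miss security updates until the hold is lifted.
              holdpkg: "elasticsearch graylog mongodb44-bin mongodb-tools-bin"
            DarkNet:
              node: Node2
              ipinterface: ens3
              ip: 10.0.1.17
              mac: 00:15:5D:01:02:05
              cores: 4
              memory: 4
              vnc: 9
              bridge: br0
              disks:
                - '-drive format=raw,index=0,media=disk,file=/dev/sdb'
              wolfpack_config: 'gitea@foundation.aninix.net:DarkFeather/WolfPack-Config.git'
            Maat:
              node: Node2
              ip: 10.0.1.18
              ipinterface: ens3
              mac: 00:15:5d:01:02:07
              cores: 2
              memory: 2
              bridge: br0
              vnc: 7
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/Maat.qcow2'
            Yggdrasil:
              node: Node1
              ipinterface: enp1s0f0
              ip: 10.0.1.3
              mac: 00:25:90:0d:6e:86
              static: true
              sslidentity: aninix.net-0001
              secdetection: true
              iptv_location: "Milwaukee|Madison"
              aether_source: true
              cores: 8
              memory: 16
              bridge: br0
              vnc: 1
              # NOTE(review): all four drives carry index=0; QEMU normally
              # expects a distinct index per drive -- confirm this is intended.
              disks:
                - '-drive format=raw,index=0,media=disk,file=/dev/sda'
                - '-drive format=raw,index=0,media=disk,file=/dev/sdb'
                - '-drive format=raw,index=0,media=disk,file=/dev/sdc'
                - '-drive format=raw,index=0,media=disk,file=/dev/sdd'
        geth_hubs:  # 10.0.1.32/28
          vars:
            # Canonical boolean; `yes`/`no` are only booleans under YAML 1.1.
            motion_enabled: true
          hosts:
            Geth-Hub-1:
              ip: 10.0.1.32
              mac: 84:16:F9:14:15:C5
              rotate: 0
              remote: NS-RC4NA-14
            Geth-Hub-2:
              ip: 10.0.1.33
              mac: 84:16:F9:13:B6:E6
              # Host-level override of the group default above.
              motion_enabled: false
              rotate: 180
              remote: NS-RC4NA-14
            Geth-Hub-3:
              ip: 10.0.1.34
              mac: b8:27:eb:60:73:68
              rotate: 90
              remote: LG-AKB73715608
    unmanaged:
      children:
        # Both OVA groups are in the same subnet -- test_ovas aren't monitored
        ovas:  # 10.0.1.48/28
          hosts:
            Geth:
              node: Node2
              ip: 10.0.1.49
              mac: DE:8B:9E:19:55:1E
              cores: 2
              memory: 2
              vnc: 6
              bridge: br0
              uefi: true
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/hassos_ova-5.13.qcow2'
        test_ovas:  # 10.0.1.48/28
          hosts:
            TDS-Jump:
              node: Node2
              ip: 10.0.1.48
              mac: 00:15:5d:01:02:08
              cores: 2
              memory: 2
              vnc: 4
              bridge: br0
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/TDSJump.qcow2'
            DedNet:
              ip: 10.0.1.50
              mac: 00:15:5d:01:02:09
              cores: 2
              memory: 2
              vnc: 3
              bridge: br0
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/DedNet.qcow2'
                - '-cdrom /srv/maat/iso/kali-linux.iso -boot order=d'
            Aether:
              ip: 10.0.1.51
              mac: 00:15:5d:01:02:11
              cores: 2
              memory: 2
              vnc: 5
              bridge: br0
              disks:
                - '-drive if=none,id=disk0,cache=none,format=raw,aio=native,file=/dev/sdc'
                - '-cdrom /srv/maat/iso/archlinux.iso -boot order=d'
            test1:
              ip: 10.0.1.52
              ipinterface: ens3
              mac: 00:15:5d:01:02:06
              cores: 2
              memory: 2
              bridge: br0
              vnc: 10
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/test1.qcow2'
            test2:
              ip: 10.0.1.53
              ipinterface: ens3
              mac: 00:15:5d:01:02:03
              cores: 2
              memory: 2
              bridge: br0
              vnc: 11
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/test2.qcow2'
            test3:
              ip: 10.0.1.54
              ipinterface: ens3
              mac: 00:15:5d:01:02:04
              cores: 2
              memory: 2
              bridge: br0
              vnc: 12
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/mnt/cage2/vm/test3.qcow2'
        # appliances are monitored -- adhoc_appliances are convenience only
        # and not monitored.
        appliances:
          hosts:  # 10.0.1.64/27
            Shadowfeed:  # Router must be at root
              ip: 10.0.1.1
              mac: 2c:30:33:64:f4:03
            # Print is excepted for legacy setup reasons before we laid out
            # subnets.
            Print:
              ip: 10.0.1.6
              mac: 00:80:92:77:CE:E4
            Geth-Eyes:
              ip: 10.0.1.68
              mac: 9C:A3:AA:33:A3:99
            # "Core-Console":
            #   ip: 10.0.1.74
            #   mac: 00:25:90:0D:82:5B
            # "Node0-Console":
            #   ip: 10.0.1.75
            #   mac: 00:25:90:3E:C6:8C
        adhoc_appliances:
          hosts:  # 10.0.1.64/27
            DarkFeather:
              ip: 10.0.1.64
              mac: D0:40:EF:D4:14:CF
            Lykos:
              ip: 10.0.1.65
              mac: 70:74:14:4F:8E:42
            Games:
              ip: 10.0.1.66
              mac: E0:BE:03:77:0E:88
            LivingRoomTV:
              ip: 10.0.1.69
              mac: 80:D2:1D:17:63:0E
            BedRoomTV:
              ip: 10.0.1.70
              mac: 80:D2:1D:17:63:0F
            TrainingRoomTV:
              ip: 10.0.1.71
              mac: 80:D2:1D:17:63:10
            Tachikoma:
              ip: 10.0.1.72
              mac: 90:0f:0c:1a:d3:23
            DedSec:
              ip: 10.0.1.73
              mac: 34:F6:4B:36:12:8F
        # dhcp build space: 10.0.1.224/27
        # NOTE(review): placement of `iot` under unmanaged.children is assumed
        # from the ordering of the listing -- confirm against the repository.
        iot:  # 10.0.2.0/24
          hosts:
            LinKeuei:
              ip: 10.0.2.2
              mac: 64:16:66:08:57:F5
            Canary:
              ip: 10.0.2.3
              mac: 18:B4:30:2F:F1:37
            Charon:
              ip: 10.0.2.4
              mac: 64:52:99:14:28:2B
            # CanoptekAleph: physical, no network
            CanoptekBek:
              ip: 10.0.2.5
              mac: 40:9F:38:95:06:34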