From 26971a234f13aa007bd9ab794391efdf01866afe Mon Sep 17 00:00:00 2001 From: Beth Parker Date: Fri, 10 Jul 2020 14:56:02 -0500 Subject: [PATCH] added host2 and some other stuff --- pillars/roles/ca/vpnclients.sls | 2 - pillars/roles/init.sls | 3 +- pillars/roles/router/init.sls | 15 ++ pillars/roles/router/misc.sls | 183 +++++++++++++++++++++ pillars/roles/router/none.sls | 0 pillars/servers/env/server/host2.sls | 1 + pillars/servers/env/server/router.sls | 1 + pillars/servers/roles/server/host2.sls | 7 + pillars/servers/roles/server/router.sls | 4 + states/roles/maintain/host/init.sls | 11 ++ states/roles/maintain/nginx-proxy/init.sls | 5 +- states/roles/maintain/router/dhcp | 50 ++++++ states/roles/maintain/router/init.sls | 9 + testb | 0 14 files changed, 284 insertions(+), 7 deletions(-) create mode 100644 pillars/roles/router/init.sls create mode 100644 pillars/roles/router/misc.sls create mode 100644 pillars/roles/router/none.sls create mode 100644 pillars/servers/env/server/host2.sls create mode 100644 pillars/servers/env/server/router.sls create mode 100644 pillars/servers/roles/server/host2.sls create mode 100644 pillars/servers/roles/server/router.sls create mode 100644 states/roles/maintain/host/init.sls create mode 100644 states/roles/maintain/router/dhcp create mode 100644 states/roles/maintain/router/init.sls create mode 100644 testb diff --git a/pillars/roles/ca/vpnclients.sls b/pillars/roles/ca/vpnclients.sls index 194cb11..88c0639 100644 --- a/pillars/roles/ca/vpnclients.sls +++ b/pillars/roles/ca/vpnclients.sls @@ -1,6 +1,4 @@ ca: - standesk: - type: client masau-llm.actcur.com: type: client masau-apm.actcur.com: diff --git a/pillars/roles/init.sls b/pillars/roles/init.sls index d3e2a18..4cfb709 100644 --- a/pillars/roles/init.sls +++ b/pillars/roles/init.sls @@ -9,4 +9,5 @@ include: - roles.database - roles.services - roles.laradev - - roles.lxc \ No newline at end of file + - roles.lxc + - roles.router 
diff --git a/pillars/roles/router/init.sls b/pillars/roles/router/init.sls
new file mode 100644
index 0000000..3ce0f72
--- /dev/null
+++ b/pillars/roles/router/init.sls
@@ -0,0 +1,15 @@
+{% set states = salt['cp.list_states'](saltenv) %}
+include:
+ - roles.router.none
+{%- if grains['roles'] is defined -%}
+ {%- if grains['roles'] is not none -%}
+ {%- if 'router' in grains['roles'] -%}
+ {%- for state in states %}
+ {%- if state.startswith("pillars.roles.router.") -%}
+ {%- set role = state.split('.')[3] %}
+ - roles.router.{{ role }}
+ {%- endif -%}
+ {%- endfor -%}
+ {%- endif -%}
+ {%- endif -%}
+{%- endif -%}
diff --git a/pillars/roles/router/misc.sls b/pillars/roles/router/misc.sls
new file mode 100644
index 0000000..1630b8a
--- /dev/null
+++ b/pillars/roles/router/misc.sls
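Review bot: The gate `'router' in grains['roles']` in pillars/roles/router/init.sls decides who receives the router pillar from a value the minion itself reports, so a minion that can set its own `roles` grain would be handed the whole MAC/IP inventory and port map. Keying the include on the minion ID or another master-side fact keeps that decision on the master; if the grain is only ever written from pillars/servers/roles/server/*.sls, a comment saying so would help the next reader. Separately, if `cp.list_states` returns `pillars.roles.router.none`, the loop includes `roles.router.none` a second time; wrapping the include line in `{%- if role != 'none' %}` would avoid the duplicate.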
@@ -0,0 +1,183 @@ +router: + masau-ldm: + mac: 00:1e:e5:e6:5d:1a + ip: 172.16.40.1 + masau-llm: + mac: 54:27:1e:ee:0a:0a + ip: 172.16.40.2 + steam: + mac: 52:54:00:80:8a:68 + ip: 172.16.40.3 + babybrat-wdm: + mac: 00:02:6F:DC:94:F6 + ip: 172.16.40.4 + babybrat-wlm: + mac: 54:27:1e:79:0c:4e + ip: 172.16.40.5 + mitri-wdm: + mac: 00:00:00:00:00:05 + ip: 172.16.40.6 + host: + mac: b8:97:5a:49:70:fe + ip: 172.16.41.25 + virt: + mac: 52:54:00:3f:16:f3 + ip: 172.16.41.26 + icinga: + mac: 52:54:00:e9:85:5e + ip: 172.16.41.27 + ipa: + mac: 52:54:00:94:ae:44 + ip: 172.16.41.28 + salt: + mac: 52:54:00:f7:c9:c9 + ip: 172.16.41.29 + ssh: + mac: 52:54:00:cf:ce:52 + ip: 172.16.41.30 + ports: + - ssh: 23453.22 + pkg: + mac: 52:54:00:ff:a4:c4 + ip: 172.16.41.31 + ca: + mac: 52:54:00:18:c3:c4 + ip: 172.16.41.32 + vpn: + mac: 52:54:00:6e:d5:cf + ip: 172.16.41.33 + smb: + mac: 52:54:00:f0:0f:fd + ip: 172.16.41.34 + vnc: + mac: 52:54:00:8c:c5:e7 + ip: 172.16.41.35 + pass: + mac: 52:54:00:a0:b8:d8 + ip: 172.16.41.36 + authelia: + mac: 52:54:00:a6:25:11 + ip: 172.16.41.37 + ssh2: + mac: 52:54:00:aa:8b:b3 + ip: 172.16.41.38 + ports: + ssh2: 25432.22 + plex: + mac: 52:54:00:75:14:b7 + ip: 172.16.41.40 + arr: + mac: 52:54:00:99:63:17 + ip: 172.16.41.41 + emby: + mac: 52:54:00:a3:7d:ff + ip: 172.16.41.42 + ports: + emby: 8096.8096 + rtorrent: + mac: 52:54:00:d5:15:74 + ip: 172.16.41.43 + cast: + mac: 52:54:00:68:94:67 + ip: 172.16.41.44 + ombi: + mac: 52:54:00:e1:c4:dd + ip: 172.16.41.45 + transmission: + mac: 52:54:00:8e:79:5e + ip: 172.16.41.46 + mc: + mac: 52:54:00:2a:58:fc + ip: 172.16.41.50 + starbound: + mac: 52:54:00:ef:4d:ee + ip: 172.16.41.51 + portal: + mac: 52:54:00:04:4d:b2 + ip: 172.16.41.60 + ports: + portal-http: 80.80 + portal-https: 443.443 + lara: + mac: 52:54:00:fa:d4:0d + ip: 172.16.41.61 + shell: + mac: 52:54:00:5f:4b:ac + ip: 172.16.41.62 + multi: + mac: 52:54:00:2a:0a:c5 + ip: 172.16.41.65 + tt: + mac: 52:54:00:ef:f2:37 + ip: 172.16.41.66 + sql: + mac: 
52:54:00:8c:d0:53 + ip: 172.16.41.67 + git: + mac: 52:54:00:7e:cc:99 + ip: 172.16.41.68 + ports: + gogs-ssh: 5022.5022 + baikal: + mac: 52:54:00:0f:81:f8 + ip: 172.16.41.69 + sync: + mac: 52:54:00:d6:69:8e + ip: 172.16.41.70 + squid: + mac: 52:54:00:e0:72:28 + ip: 172.16.41.71 + archtest: + mac: 52:54:00:8f:03:fe + ip: 172.16.41.72 + debtest: + mac: 52:54:00:1c:47:9a + ip: 172.16.41.73 + books: + mac: 52:54:00:6f:37:7e + ip: 172.16.41.74 + cloud: + mac: 52:54:00:65:10:a2 + ip: 172.16.41.75 + mycroft: + mac: 52:54:00:07:8f:03 + ip: 172.16.41.76 + rss: + mac: 52:54:00:ea:97:fb + ip: 172.16.41.200 + git2: + mac: 52:54:00:32:22:8c + ip: 172.16.41.201 + gitlab: + mac: 52:54:00:51:26:ff + ip: 172.16.41.202 + abase: + mac: 52:54:00:bc:ed:77 + ip: 172.16.41.203 + cbase: + mac: 52:54:00:e0:ac:cf + ip: 172.16.41.204 + dbase: + mac: 52:54:00:b0:d9:94 + ip: 172.16.41.205 + centtest: + mac: 52:54:00:65:8e:c7 + ip: 172.16.41.206 + project: + mac: 52:54:00:9e:a5:48 + ip: 172.16.41.208 + dipa: + mac: 52:54:00:57:2c:b1 + ip: 172.16.41.209 + fipa: + mac: 52:54:00:49:79:84 + ip: 172.16.41.210 + ipa2: + mac: 52:54:00:5b:98:ee + ip: 172.16.41.211 + acearo: + mac: 52:54:00:c1:b1:e2 + ip: 172.16.41.212 + jelly: + mac: 52:54:00:bb:40:09 + ip: 172.16.41.213 diff --git a/pillars/roles/router/none.sls b/pillars/roles/router/none.sls new file mode 100644 index 0000000..e69de29 diff --git a/pillars/servers/env/server/host2.sls b/pillars/servers/env/server/host2.sls new file mode 100644 index 0000000..2fdef9a --- /dev/null +++ b/pillars/servers/env/server/host2.sls @@ -0,0 +1 @@ +env: prod diff --git a/pillars/servers/env/server/router.sls b/pillars/servers/env/server/router.sls new file mode 100644 index 0000000..2fdef9a --- /dev/null +++ b/pillars/servers/env/server/router.sls @@ -0,0 +1 @@ +env: prod diff --git a/pillars/servers/roles/server/host2.sls b/pillars/servers/roles/server/host2.sls new file mode 100644 index 0000000..b355fa1 --- /dev/null 
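Review bot: The unquoted `ports` values in pillars/roles/router/misc.sls are loaded by YAML as floats, so `portal-http: 80.80` becomes 80.8 and the two port numbers (presumably external.internal) can no longer be recovered. Quoting them, as in `portal-http: '80.80'`, or using separate keys for each side keeps the value intact. `ports` is also a list under `ssh` (`- ssh: 23453.22`) but a mapping under `ssh2`, `emby`, `portal` and `git`, so a single consumer cannot iterate both shapes. `mitri-wdm` carries `00:00:00:00:00:05`, which looks like a placeholder MAC and should be confirmed before it is turned into a static lease.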
+++ b/pillars/servers/roles/server/host2.sls @@ -0,0 +1,7 @@ +grains: + roles: + - server + - ssh + - nrpe + - saltminion + - host diff --git a/pillars/servers/roles/server/router.sls b/pillars/servers/roles/server/router.sls new file mode 100644 index 0000000..d556988 --- /dev/null +++ b/pillars/servers/roles/server/router.sls @@ -0,0 +1,4 @@ +grains: + roles: + - router + - ssh diff --git a/states/roles/maintain/host/init.sls b/states/roles/maintain/host/init.sls new file mode 100644 index 0000000..7eabf6d --- /dev/null +++ b/states/roles/maintain/host/init.sls @@ -0,0 +1,11 @@ +add_kvm: + kmod.present: + - name: kvm_intel + +install_host_pkgs: + pkg.installed: + - pkgs: + - qemu-headless + - net-tools + - speedtest-cli + - btrfs-progs diff --git a/states/roles/maintain/nginx-proxy/init.sls b/states/roles/maintain/nginx-proxy/init.sls index e80f67a..466259d 100644 --- a/states/roles/maintain/nginx-proxy/init.sls +++ b/states/roles/maintain/nginx-proxy/init.sls @@ -26,10 +26,7 @@ nginx: {##ensure that nginx pillar exists##} {%- if pillar['nginx'] is defined -%} - {%- set resolver = salt['dnsutil.A']('r.actcur.com')[0] -%} - {%- if resolver|string() == "U" -%} - {%- set resolver = "172.16.40.20" -%} - {%- endif -%} + {%- set resolver = "172.16.40.20" -%} {##set up conf files for this server##} {%- for name in pillar['nginx'] %} diff --git a/states/roles/maintain/router/dhcp b/states/roles/maintain/router/dhcp new file mode 100644 index 0000000..aaff8bb --- /dev/null +++ b/states/roles/maintain/router/dhcp 
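Review bot: The resolver in states/roles/maintain/nginx-proxy/init.sls is now a bare literal, `{%- set resolver = "172.16.40.20" -%}`, with nothing recording what that host is or why the `r.actcur.com` lookup was dropped. Reading it from pillar with the literal as the default, e.g. `{%- set resolver = salt['pillar.get']('<resolver_pillar_key>', '172.16.40.20') -%}`, keeps the address next to the rest of the network data and lets it change without touching the state. Failing that, a one-line Jinja comment above the `set` naming the resolver host would do. The enclosing `if pillar['nginx'] is defined` block continues outside this hunk.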
@@ -0,0 +1,50 @@
+config dnsmasq
+ option domainneeded '1'
+ option boguspriv '1'
+ option filterwin2k '0'
+ option localise_queries '1'
+ option rebind_protection '1'
+ option rebind_localhost '1'
+ option local '/actcur.com/'
+ option domain 'actcur.com'
+ option expandhosts '1'
+ option nonegcache '0'
+ option authoritative '1'
+ option readethers '1'
+ option leasefile '/tmp/dhcp.leases'
+ option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
+ option nonwildcard '1'
+ option localservice '1'
+
+config dhcp 'lan'
+ option interface 'lan'
+ option start '100'
+ option limit '150'
+ option leasetime '12h'
+ option dhcpv6 'server'
+ option ra 'server'
+ option ra_slaac '1'
+ list ra_flags 'managed-config'
+ list ra_flags 'other-config'
+ option ra_management '1'
+
+config dhcp 'wan'
+ option interface 'wan'
+ option ignore '1'
+
+config odhcpd 'odhcpd'
+ option maindhcp '0'
+ option leasefile '/tmp/hosts/odhcpd'
+ option leasetrigger '/usr/sbin/odhcpd-update'
+ option loglevel '4'
+
+{%- if pillar['dns'] is defined -%}
+{%- for name in pillar['dns'] %}
+config host
+ option name {{ name }}
+ option ip {{ pillar['dns'][name]['ip'] }}
+ option mac {{ pillar['dns'][name]['mac'] }}
+ option dns '1'
+
+{%- endfor %}
+{%- endif %}
diff --git a/states/roles/maintain/router/init.sls b/states/roles/maintain/router/init.sls
new file mode 100644
index 0000000..d38bee6
--- /dev/null
+++ b/states/roles/maintain/router/init.sls
@@ -0,0 +1,9 @@
+{##ensure that dns pillar exists##}
+/etc/config/dhcp:
+ file.managed:
+ - makedirs: true
+ - source: salt://roles/maintain/dns/dhcp
+ - user: root
+ - group: root
+ - mode: 600
+ - template: jinja
diff --git a/testb b/testb
new file mode 100644
index 0000000..e69de29
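Review bot: The host loop in states/roles/maintain/router/dhcp reads `pillar['dns']`, while the lease data this commit adds lives under the `router:` key, so unless a `dns` pillar is defined elsewhere the template renders no `config host` sections at all. The three interpolated values are also the only unquoted options in the file; writing them as `option name '{{ name }}'`, `option ip '{{ pillar['dns'][name]['ip'] }}'` and `option mac '{{ pillar['dns'][name]['mac'] }}'` stops a pillar value containing whitespace or a quote from spilling into extra UCI tokens. An entry without `mac` would fail the render on the direct subscript, so `.get('mac')` with a skip is worth considering.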
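Review bot: `- source: salt://roles/maintain/dns/dhcp` in states/roles/maintain/router/init.sls points at a `dns` directory, but this commit adds the template as states/roles/maintain/router/dhcp; unless a copy exists under `dns/`, the state cannot find its source, and `- source: salt://roles/maintain/router/dhcp` matches the file added here. Nothing restarts dnsmasq when /etc/config/dhcp changes, so new static leases would only apply after a manual reload; a `service.running` state that watches this file would close that gap. The opening comment says the dns pillar is checked, but no such check follows. Quoting the mode as `- mode: '0600'` keeps YAML from treating it as an integer.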