added host2 and some other stuff

2020-07-10 14:56:02 -05:00 · 2020-07-10 14:56:02 -05:00 · 26971a234f
commit 26971a234f
parent f386dd2d18
14 changed files with 284 additions and 7 deletions
--- a/pillars/roles/ca/vpnclients.sls
+++ b/pillars/roles/ca/vpnclients.sls
@ -1,6 +1,4 @@
 ca:
  standesk:
    type: client
  masau-llm.actcur.com:
    type: client
  masau-apm.actcur.com:
--- a/pillars/roles/init.sls
+++ b/pillars/roles/init.sls
@ -10,3 +10,4 @@ include:
  - roles.services
  - roles.laradev
  - roles.lxc
  - roles.router
--- a/pillars/roles/router/init.sls
+++ b/pillars/roles/router/init.sls
@ -0,0 +1,15 @@
 {% set states = salt['cp.list_states'](saltenv) %}
 include:
  - roles.router.none
 {%- if grains['roles'] is defined -%}
  {%- if grains['roles'] is not none -%}
    {%- if 'router' in grains['roles'] -%}
      {%- for state in states %}
        {%- if state.startswith("pillars.roles.router.") -%}
          {%- set role = state.split('.')[3] %}
  - roles.router.{{ role }}
        {%- endif -%}
      {%- endfor -%}
    {%- endif -%}
  {%- endif -%}
 {%- endif -%}
--- a/pillars/roles/router/misc.sls
+++ b/pillars/roles/router/misc.sls
@ -0,0 +1,183 @@
 router:
  masau-ldm:
    mac: 00:1e:e5:e6:5d:1a
    ip: 172.16.40.1
  masau-llm:
    mac: 54:27:1e:ee:0a:0a
    ip: 172.16.40.2
  steam:
    mac: 52:54:00:80:8a:68
    ip: 172.16.40.3
  babybrat-wdm:
    mac: 00:02:6F:DC:94:F6
    ip: 172.16.40.4
  babybrat-wlm:
    mac: 54:27:1e:79:0c:4e
    ip: 172.16.40.5
  mitri-wdm:
    mac: 00:00:00:00:00:05
    ip: 172.16.40.6
  host:
    mac: b8:97:5a:49:70:fe
    ip: 172.16.41.25
  virt:
    mac: 52:54:00:3f:16:f3
    ip: 172.16.41.26
  icinga:
    mac: 52:54:00:e9:85:5e
    ip: 172.16.41.27
  ipa:
    mac: 52:54:00:94:ae:44
    ip: 172.16.41.28
  salt:
    mac: 52:54:00:f7:c9:c9
    ip: 172.16.41.29
  ssh:
    mac: 52:54:00:cf:ce:52
    ip: 172.16.41.30
    ports:
      - ssh: 23453.22
  pkg:
    mac: 52:54:00:ff:a4:c4
    ip: 172.16.41.31
  ca:
    mac: 52:54:00:18:c3:c4
    ip: 172.16.41.32
  vpn:
    mac: 52:54:00:6e:d5:cf
    ip: 172.16.41.33
  smb:
    mac: 52:54:00:f0:0f:fd
    ip: 172.16.41.34
  vnc:
    mac: 52:54:00:8c:c5:e7
    ip: 172.16.41.35
  pass:
    mac: 52:54:00:a0:b8:d8
    ip: 172.16.41.36
  authelia:
    mac: 52:54:00:a6:25:11
    ip: 172.16.41.37
  ssh2:
    mac: 52:54:00:aa:8b:b3
    ip: 172.16.41.38
    ports:
      ssh2: 25432.22
  plex:
    mac: 52:54:00:75:14:b7
    ip: 172.16.41.40
  arr:
    mac: 52:54:00:99:63:17
    ip: 172.16.41.41
  emby:
    mac: 52:54:00:a3:7d:ff
    ip: 172.16.41.42
    ports:
      emby: 8096.8096
  rtorrent:
    mac: 52:54:00:d5:15:74
    ip: 172.16.41.43
  cast:
    mac: 52:54:00:68:94:67
    ip: 172.16.41.44
  ombi:
    mac: 52:54:00:e1:c4:dd
    ip: 172.16.41.45
  transmission:
    mac: 52:54:00:8e:79:5e
    ip: 172.16.41.46
  mc:
    mac: 52:54:00:2a:58:fc
    ip: 172.16.41.50
  starbound:
    mac: 52:54:00:ef:4d:ee
    ip: 172.16.41.51
  portal:
    mac: 52:54:00:04:4d:b2
    ip: 172.16.41.60
    ports:
      portal-http: 80.80
      portal-https: 443.443
  lara:
    mac: 52:54:00:fa:d4:0d
    ip: 172.16.41.61
  shell:
    mac: 52:54:00:5f:4b:ac
    ip: 172.16.41.62
  multi:
    mac: 52:54:00:2a:0a:c5
    ip: 172.16.41.65
  tt:
    mac: 52:54:00:ef:f2:37
    ip: 172.16.41.66
  sql:
    mac: 52:54:00:8c:d0:53
    ip: 172.16.41.67
  git:
    mac: 52:54:00:7e:cc:99
    ip: 172.16.41.68
    ports:
      gogs-ssh: 5022.5022
  baikal:
    mac: 52:54:00:0f:81:f8
    ip: 172.16.41.69
  sync:
    mac: 52:54:00:d6:69:8e
    ip: 172.16.41.70
  squid:
    mac: 52:54:00:e0:72:28
    ip: 172.16.41.71
  archtest:
    mac: 52:54:00:8f:03:fe
    ip: 172.16.41.72
  debtest:
    mac: 52:54:00:1c:47:9a
    ip: 172.16.41.73
  books:
    mac: 52:54:00:6f:37:7e
    ip: 172.16.41.74
  cloud:
    mac: 52:54:00:65:10:a2
    ip: 172.16.41.75
  mycroft:
    mac: 52:54:00:07:8f:03
    ip: 172.16.41.76
  rss:
    mac: 52:54:00:ea:97:fb
    ip: 172.16.41.200
  git2:
    mac: 52:54:00:32:22:8c
    ip: 172.16.41.201
  gitlab:
    mac: 52:54:00:51:26:ff
    ip: 172.16.41.202
  abase:
    mac: 52:54:00:bc:ed:77
    ip: 172.16.41.203
  cbase:
    mac: 52:54:00:e0:ac:cf
    ip: 172.16.41.204
  dbase:
    mac: 52:54:00:b0:d9:94
    ip: 172.16.41.205
  centtest:
    mac: 52:54:00:65:8e:c7
    ip: 172.16.41.206
  project:
    mac: 52:54:00:9e:a5:48
    ip: 172.16.41.208
  dipa:
    mac: 52:54:00:57:2c:b1
    ip: 172.16.41.209
  fipa:
    mac: 52:54:00:49:79:84
    ip: 172.16.41.210
  ipa2:
    mac: 52:54:00:5b:98:ee
    ip: 172.16.41.211
  acearo:
    mac: 52:54:00:c1:b1:e2
    ip: 172.16.41.212
  jelly:
    mac: 52:54:00:bb:40:09
    ip: 172.16.41.213
--- a/pillars/roles/router/none.sls
+++ b/pillars/roles/router/none.sls
--- a/pillars/servers/env/server/host2.sls
+++ b/pillars/servers/env/server/host2.sls
@ -0,0 +1 @@
 env: prod
--- a/pillars/servers/env/server/router.sls
+++ b/pillars/servers/env/server/router.sls
@ -0,0 +1 @@
 env: prod
--- a/pillars/servers/roles/server/host2.sls
+++ b/pillars/servers/roles/server/host2.sls
@ -0,0 +1,7 @@
 grains:
  roles:
    - server
    - ssh
    - nrpe
    - saltminion
    - host
--- a/pillars/servers/roles/server/router.sls
+++ b/pillars/servers/roles/server/router.sls
@ -0,0 +1,4 @@
 grains:
  roles:
    - router
    - ssh
--- a/states/roles/maintain/host/init.sls
+++ b/states/roles/maintain/host/init.sls
@ -0,0 +1,11 @@
 add_kvm:
  kmod.present:
    - name: kvm_intel
 install_host_pkgs:
  pkg.installed:
    - pkgs:
      - qemu-headless
      - net-tools
      - speedtest-cli
      - btrfs-progs
--- a/states/roles/maintain/nginx-proxy/init.sls
+++ b/states/roles/maintain/nginx-proxy/init.sls
@ -26,10 +26,7 @@ nginx:
 {##ensure that nginx pillar exists##}
 {%- if pillar['nginx'] is defined -%}
  {%- set resolver = salt['dnsutil.A']('r.actcur.com')[0] -%}
  {%- if resolver|string() == "U" -%}
  {%- set resolver = "172.16.40.20" -%}
  {%- endif -%}
 {##set up conf files for this server##}
 {%- for name in pillar['nginx'] %}
--- a/states/roles/maintain/router/dhcp
+++ b/states/roles/maintain/router/dhcp
@ -0,0 +1,50 @@
 config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/actcur.com/'
        option domain 'actcur.com'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
 config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'
        option ra_management '1'
 config dhcp 'wan'
        option interface 'wan'
        option ignore '1'
 config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'
 {%- if pillar['dns'] is defined -%}
 {%- for name in pillar['dns'] %}
 config host
        option name {{ name }}
        option ip {{ pillar['dns'][name]['ip'] }}
        option mac {{ pillar['dns'][name]['mac'] }}
        option dns '1'
 {%- endfor %}
 {%- endif %}
--- a/states/roles/maintain/router/init.sls
+++ b/states/roles/maintain/router/init.sls
@ -0,0 +1,9 @@
 {##ensure that dns pillar exists##}
 /etc/config/dhcp:
  file.managed:
    - makedirs: true
    - source: salt://roles/maintain/dns/dhcp
    - user: root
    - group: root
    - mode: 600
    - template: jinja
--- a/0
+++ b/0