new hypervisor wip

ansible/inventory/host_vars/hv00_balsillie_home/hv00_balsillie_house.yaml

@@ -0,0 +1,26 @@
+systemd_networkd_configs:
+  - name: 00-eth0.link
+    src: ethernet.link.j2
+    mac_address: 00-00-00-00-00-00
+  - name: 00-eth1.link
+    src: ethernet.link.j2
+    mac_address: 00-00-00-00-00-00
+  - name: 00-eth2.link
+    src: ethernet.link.j2
+    mac_address: 00-00-00-00-00-00
+  - name: 00-eth3.link
+    src: ethernet.link.j2
+    mac_address: 00-00-00-00-00-00
+  - name: br0.netdev
+    src: bridge.netdev.j2
+    vlan_filtering: true
+    stp: true
+  - name: br0.network
+    src: bridge.network.j2
+  - name: vlan110.netdev
+    src: vlan.netdev.j2
+  - name: vlan110.network
+    src: vlan.network.j2
+
+qemu_bridges:
+  br0

ansible/inventory/inventory.yaml

@@ -1,64 +1,101 @@
 all:
   children:
+    ups:
+      hosts:
+        ups00_balsillie_house:
+    firewalls:
+      children:
+        opnsense:
+          hosts:
+            fw00_balsillie_net:
+        openwrt:
+          hosts:
+            fw00_balsillie_house:
+    switches:
+      hosts:
+        sw00_balsillie_house:
+    waps:
+      hosts:
+        wap00_balsillie_house:
+    virtual_machines:
+      hosts:
+        kube01_balsillie_net:
+        kube02_balsillie_net:
+        kube03_balsillie_net:
+        fw00_balsillie_net:
+        fw00_balsillie_house:
+        mp00_balsillie_house:
+        win11_balsillie_house:
+    bare_metal:
+      hosts:
+        ups00_balsillie_house:
+        sw00_balsillie_house:
+        wap00_balsillie_house:
+        hv00_balsillie_house:
+        hv00_balsillie_net:
+        lat5420_balsillie_house:
+        lat7490_balsillie_house:
+        sff_balsillie_house:
     servers:
       children:
         hypervisors:
           hosts:
-            server:
+            hv00_balsillie_net: # Hetzner
-            lab:
+            hv00_balsillie_house: # vp2420
-            hv00:
+            hv01_balsillie_net: # 4U Rosewill
-        vms:
+        k8s:
           children:
-            nodes:
+            k8s_control:
               hosts:
-                node1:
+                kube01_balsillie_net:
-                node2:
+                kube02_balsillie_net:
-                node3:
+                kube03_balsillie_net:
-          hosts:
+            k8s_taint:
-            router:
+              hosts:
-    hetzner:
+                kube01_balsillie_net:
-      hosts:
+                kube02_balsillie_net:
-        hv00:
+                kube03_balsillie_net:
-        fw00:
+            k8s_worker:
-    k8s:
+              hosts:
-      children:
+                kube01_balsillie_net:
-        k8s_control:
+                kube02_balsillie_net:
-          hosts:
+                kube03_balsillie_net:
-            kube01:
+            k8s_storage:
-            # kube02:
+              hosts:
-            # kube03:
+                kube01_balsillie_net:
-        k8s_taint:
+                kube02_balsillie_net:
-          hosts:
+                kube03_balsillie_net:  
-            kube01:
-            # kube02:
-            # kube03:
-        k8s_worker:
-          hosts:
-            kube01:
-            # kube02:
-            # kube03:  
-        k8s_storage:
-          hosts:
-            kube01:
-            # kube02:
-            # kube03:      
-    firewalls:
-      children:
-        fortigate:
-          hosts:
-            fortigate00:
-        opnsense:
-          hosts:
-            fw00:
-    switches:
-      hosts:
-        sw00:
     workstations:
       children:
         arch:
           hosts:
-            lat5420:
+            lat5420_balsillie_house:
-            sff:
+            sff_balsillie_house:
+            mp00_balsillie_house:
         windows:
           hosts:
-            bridie:
+            lat7490_balsillie_house:
+            win11_balsillie_house: 
+        laptops:
+          hosts:
+            lat5420_balsillie_house:
+            lat7490_balsillie_house:
+        desktops:
+          hosts:
+            sff_balsillie_house:
+            mp00_balsillie_house:               
+    hetzner:
+      hosts:
+        fw00_balsillie_net:
+        hv00_balsillie_net:
+        kube01_balsillie_net:
+        kube02_balsillie_net:
+        kube03_balsillie_net:
+    house:
+      hosts:
+        hv00_balsillie_house:
+        fw00_balsillie_house:
+        mp00_balsillie_house:
+        win11_balsillie_house:
+        lat5420_balsillie_house:
+        sff_balsillie_house:

ansible/roles/archinstall/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+iso_source:
+ntp_servers:
+  - time.example.com
+  

ansible/roles/baremetal/defaults/main.yml

@@ -1,2 +0,0 @@
----
-iso_source:

ansible/roles/hypervisor_qcow/defaults/main.yaml

@@ -0,0 +1,12 @@
+libvirt_packages:
+  arch:
+    qemu-base
+    openbsd-netcat
+    swtpm
+    gettext
+    libvirt
+    libvirt-python
+
+default_network_services:
+  Archlinux:
+    NetworkManager

ansible/roles/hypervisor_qcow/tasks/main.yaml

@@ -0,0 +1,76 @@
+---
+
+- name: Clear systemd-networkd config directory
+  ansible.builtin.file:
+    path: "/etc/systemd/network/"
+    state: "{{ item }}"
+    owner: root
+    group: root
+    mode: '0755'
+  with_items:
+    - absent
+    - directory
+
+- name: Create systemd-networkd config files
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: /etc/systemd/network/"{{ item.name }}"
+    owner: root
+    group: root
+    mode: '0644'
+  loop: "{{ systemd_networkd_configs }}"
+
+- name: Disable non-systemd networking services
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: stopped
+    enabled: false
+  loop: "{{ default_network_services[ansible_os_family] }}"
+
+- name: Enable systemd networking
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: started
+    enabled: true
+  loop:
+    - systemd-networkd
+    - systemd-resolved
+
+- name: Install libvirt packages (Arch)
+  when: ansible_os_distribution == 'Archlinux'
+  community.general.pacman:
+    name: "{{ libvirt_packages['Arch'] }}"
+    state: present
+    update_cache: true
+
+- name: Add user to libvirt group
+  ansible.builtin.user:
+    name: "{{ ansible_user }}"
+    groups: libvirt
+    append: true
+
+- name: Add bridge(s) to qemu_bridge_helper
+  when: qemu_bridges is defined
+  ansible.builtin.lineinfile:
+    path: /etc/qemu/bridge.conf
+    line: "{{ item }}"
+    state: present
+    backup: false
+    insertafter: EOF
+  loop: "{{ qemu_bridges | default(['virbr0']) }}"
+
+- name: Start and enable libvirt service
+  ansible.builtin.service:
+    name: libvirtd.service
+    state: started
+    enabled: true
+
+- name: Stop the default libvirt network
+  community.libvirt.virt_net:
+    name: default
+    state: inactive
+
+- name: Remove default libvirt network
+  community.libvirt.virt_net:
+    name: default
+    state: absent

ansible/roles/hypervisor_qcow/templates/bridge.netdev.j2

@@ -0,0 +1,9 @@
+[NetDev]
+Name=br0
+Kind=bridge
+
+[Bridge]
+DefaultPVID=none
+VLANFiltering={{ item.vlan_filtering }}
+VLANProtocol=802.1q
+STP={{ item.stp }}

ansible/roles/hypervisor_qcow/templates/ethernet.link.j2

@@ -0,0 +1,6 @@
+[Match]
+PermanentMACAddress={{ item.mac_address }}
+[Link]
+MACAddressPolicy=permanent
+MACAddress={{ item.mac_address }}
+Name={{ item.name | regex_replace('^[0-9]*-', '') |  regex_replace('\.link', '') }}

ansible/roles/hypervisor_qcow/templates/ethernet.network.j2

@@ -0,0 +1,12 @@
+[Match]
+MACAddress={{ item.mac_address }}
+
+[Link]
+ARP={{ item.arp }}
+
+[Network]
+DHCP=no
+if item.bond
+    Bond={{ item.bond }}
+if item.bridge
+    Bridge={{ item.bridge }}