From a2ec933cf834bdf34211fec54559633229e51d1b Mon Sep 17 00:00:00 2001 From: michael Date: Sat, 12 Aug 2023 20:19:07 +1000 Subject: [PATCH] refine systemd_networkd --- ansible/inventory/group_vars/all/all.yaml | 14 --- .../ansible_connection.yaml | 16 +++ .../hv00.balsillie.house/hypervisor.yaml | 6 + .../hv00.balsillie.house/serial_console.yaml | 1 + .../systemd_networkd.yaml} | 13 +-- ansible/inventory/inventory.yaml | 110 +++++++++--------- ansible/playbooks/vp2420.yaml | 14 +-- ansible/roles/archinstall/tasks/main.yml | 1 + .../defaults/main.yaml | 0 .../handlers/main.yaml | 0 .../tasks/main.yaml | 0 .../roles/systemd_networkd/defaults/main.yaml | 2 +- .../roles/systemd_networkd/tasks/main.yaml | 4 + .../templates/bridge.network.j2 | 2 +- ansible/roles/zfs-install/defaults/main.yml | 4 +- 15 files changed, 97 insertions(+), 90 deletions(-) create mode 100644 ansible/inventory/host_vars/hv00.balsillie.house/ansible_connection.yaml create mode 100644 ansible/inventory/host_vars/hv00.balsillie.house/hypervisor.yaml create mode 100644 ansible/inventory/host_vars/hv00.balsillie.house/serial_console.yaml rename ansible/inventory/host_vars/{hv00_balsillie_home/hv00_balsillie_house.yaml => hv00.balsillie.house/systemd_networkd.yaml} (93%) rename ansible/roles/{serial_out => serial_console}/defaults/main.yaml (100%) rename ansible/roles/{serial_out => serial_console}/handlers/main.yaml (100%) rename ansible/roles/{serial_out => serial_console}/tasks/main.yaml (100%) diff --git a/ansible/inventory/group_vars/all/all.yaml b/ansible/inventory/group_vars/all/all.yaml index 9ee09b0..ed97d53 100644 --- a/ansible/inventory/group_vars/all/all.yaml +++ b/ansible/inventory/group_vars/all/all.yaml @@ -1,15 +1 @@ --- - -# connection - -ansible_connection: ssh -ansible_become_method: sudo -ansible_become_user: root -ansible_port: 22 -zfs_packages: - - linux-lts-headers - - openssl-1.1 - - zfs-utils - - zfs-dkms - - smartmontools -zfs_key_id: DDF7DB817396A49B2A2723F7403BD972F75D9D76 
diff --git a/ansible/inventory/host_vars/hv00.balsillie.house/ansible_connection.yaml b/ansible/inventory/host_vars/hv00.balsillie.house/ansible_connection.yaml
new file mode 100644
index 0000000..561cf55
--- /dev/null
+++ b/ansible/inventory/host_vars/hv00.balsillie.house/ansible_connection.yaml
@@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.1;AES256
+30653030376238643536303332376530306565363333613230303263653935626332383862646539
+3739623265323837613333343363343461353837643637650a616637656563313265636366616134
+61636335613330393239656262663735316365613435303766643964353964666537353338646666
+3536363034316632390a363234343466363937613631316130333566313037306636386130303137
+33366462303461393866633233643033356231343232313832636335336232383234626163623533
+64656339346264306265353839373362373034306261316238346365373639326566313866363263
+62613639313566373233303734666331633038383638316361353838313634383163626563333137
+62393835663963646431353431396238663062363031613735623937373835383630653165373634
+32356365363162333661323765333236363934636461366664666431333338326362656439366339
+62313265616666386164343336623032386536343134336232613164363236656236646332356335
+36643362613832656666376233363436313030626566356134306533643862333536336662653630
+32663936333434346530343639383330633538306536346432333136393765316366356362353735
+30636536333436346166616232643238373964306139313265623934616636663234336162306338
+34343934613136623837353436353462303036643837656636386533333266663265643538633333
+373133383866666465383332373336343739
diff --git a/ansible/inventory/host_vars/hv00.balsillie.house/hypervisor.yaml b/ansible/inventory/host_vars/hv00.balsillie.house/hypervisor.yaml
new file mode 100644
index 0000000..c09f490
--- /dev/null
+++ b/ansible/inventory/host_vars/hv00.balsillie.house/hypervisor.yaml
@@ -0,0 +1,6 @@
+hypervisor:
+ storage: dir
+ device: /dev/sda
+
+qemu_bridges:
+ - br0
\ No newline at end of file
diff --git a/ansible/inventory/host_vars/hv00.balsillie.house/serial_console.yaml b/ansible/inventory/host_vars/hv00.balsillie.house/serial_console.yaml new file mode 100644 index 0000000..a8aec32 --- /dev/null +++ b/ansible/inventory/host_vars/hv00.balsillie.house/serial_console.yaml @@ -0,0 +1 @@ +console_device: ttyS0 \ No newline at end of file diff --git a/ansible/inventory/host_vars/hv00_balsillie_home/hv00_balsillie_house.yaml b/ansible/inventory/host_vars/hv00.balsillie.house/systemd_networkd.yaml similarity index 93% rename from ansible/inventory/host_vars/hv00_balsillie_home/hv00_balsillie_house.yaml rename to ansible/inventory/host_vars/hv00.balsillie.house/systemd_networkd.yaml index 64d5149..6512ba9 100644 --- a/ansible/inventory/host_vars/hv00_balsillie_home/hv00_balsillie_house.yaml +++ b/ansible/inventory/host_vars/hv00.balsillie.house/systemd_networkd.yaml @@ -52,7 +52,7 @@ systemd_networkd_configs: mac_address: 64-62-66-21-e9-c6 arp: false lldp: false - dhcp: false + dhcp: true - name: 10-br0.netdev src: bridge.netdev.j2 vlan_filtering: true @@ -63,7 +63,7 @@ systemd_networkd_configs: dhcp: false lldp: true vlans: - - 110 + - vlan110 - name: 20-vlan110.netdev src: vlan.netdev.j2 vlan_id: 110 @@ -80,12 +80,3 @@ systemd_networkd_configs: nameserver: ipv4: - 10.192.110.254 - -qemu_bridges: - - br0 - -hypervisor: - storage: dir - device: /dev/sda - -console_device: ttyS0 \ No newline at end of file diff --git a/ansible/inventory/inventory.yaml b/ansible/inventory/inventory.yaml index d23d4df..c23e7f5 100644 --- a/ansible/inventory/inventory.yaml +++ b/ansible/inventory/inventory.yaml 
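Review bot: In systemd_networkd.yaml the first hunk sets `dhcp: true` on the link with `mac_address: 64-62-66-21-e9-c6` while its context lines still carry `arp: false`. If the role's template maps `arp` to `ARP=` in the `[Link]` section (not visible here), IPv4 DHCP on that link is unlikely to be usable. A DHCP-configured hypervisor link also takes its address, routes and DNS from whichever server answers on that segment. If this is only for bootstrap, a comment such as `# temporary: DHCP for bootstrap, revert to static` above the key would make that explicit; otherwise set `arp: true` alongside it. In the second hunk `vlans: - vlan110` now has to match the name rendered by `20-vlan110.netdev`, which this diff does not show.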
@@ -2,100 +2,100 @@ all: children: ups: hosts: - ups00_balsillie_house: + ups00.balsillie.house: firewalls: children: opnsense: hosts: - fw00_balsillie_net: + fw00.balsillie.net: openwrt: hosts: - fw00_balsillie_house: + fw00.balsillie.house: switches: hosts: - sw00_balsillie_house: + sw00.balsillie.house: waps: hosts: - wap00_balsillie_house: + wap00.balsillie.house: virtual_machines: hosts: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: - fw00_balsillie_net: - fw00_balsillie_house: - mp00_balsillie_house: - win11_balsillie_house: + kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: + fw00.balsillie.net: + fw00.balsillie.house: + mp00.balsillie.house: + win11.balsillie.house: bare_metal: hosts: - ups00_balsillie_house: - sw00_balsillie_house: - wap00_balsillie_house: - hv00_balsillie_house: - hv00_balsillie_net: - lat5420_balsillie_house: - lat7490_balsillie_house: - sff_balsillie_house: + ups00.balsillie.house: + sw00.balsillie.house: + wap00.balsillie.house: + hv00.balsillie.house: + hv00.balsillie.net: + lat5420.balsillie.house: + lat7490.balsillie.house: + sff.balsillie.house: servers: children: hypervisors: hosts: - hv00_balsillie_net: # Hetzner - hv00_balsillie_house: # vp2420 - hv01_balsillie_net: # 4U Rosewill + hv00.balsillie.net: # Hetzner + hv00.balsillie.house: # vp2420 + hv01.balsillie.net: # 4U Rosewill k8s: children: k8s_control: hosts: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: + kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: k8s_taint: hosts: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: + kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: k8s_worker: hosts: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: + kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: k8s_storage: hosts: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: + 
kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: workstations: children: arch: hosts: - lat5420_balsillie_house: - sff_balsillie_house: - mp00_balsillie_house: + lat5420.balsillie.house: + sff.balsillie.house: + mp00.balsillie.house: windows: hosts: - lat7490_balsillie_house: - win11_balsillie_house: + lat7490.balsillie.house: + win11.balsillie.house: laptops: hosts: - lat5420_balsillie_house: - lat7490_balsillie_house: + lat5420.balsillie.house: + lat7490.balsillie.house: desktops: hosts: - sff_balsillie_house: - mp00_balsillie_house: + sff.balsillie.house: + mp00.balsillie.house: hetzner: hosts: - fw00_balsillie_net: - hv00_balsillie_net: - kube01_balsillie_net: - kube02_balsillie_net: - kube03_balsillie_net: + fw00.balsillie.net: + hv00.balsillie.net: + kube01.balsillie.net: + kube02.balsillie.net: + kube03.balsillie.net: house: hosts: - hv00_balsillie_house: - fw00_balsillie_house: - mp00_balsillie_house: - win11_balsillie_house: - lat5420_balsillie_house: - sff_balsillie_house: + hv00.balsillie.house: + fw00.balsillie.house: + mp00.balsillie.house: + win11.balsillie.house: + lat5420.balsillie.house: + sff.balsillie.house: diff --git a/ansible/playbooks/vp2420.yaml b/ansible/playbooks/vp2420.yaml index 6be26e0..31c780a 100644 --- a/ansible/playbooks/vp2420.yaml +++ b/ansible/playbooks/vp2420.yaml @@ -5,20 +5,20 @@ # Systemd networking - name: Setup systemd-networkd - hosts: hv00_balsillie_house + hosts: hv00.balsillie.house become: true roles: - name: systemd_networkd vars: - ansible_host: # TODO add temp address + ansible_host: 192.168.1.106 # Serial console -- name: Setup serial console - hosts: hv00_balsillie_house - become: true - roles: - - name: serial_console +# - name: Setup serial console +# hosts: hv00_balsillie_house +# become: true +# roles: +# - name: serial_console # Hypervisor setup diff --git a/ansible/roles/archinstall/tasks/main.yml b/ansible/roles/archinstall/tasks/main.yml index 1742528..a1ea27f 100644 
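Review bot: In vp2420.yaml, `ansible_host: 192.168.1.106` under the role's `vars:` hard-codes what the removed TODO called a temp address, and vars set there take precedence over inventory host_vars. It will therefore keep overriding any address defined for hv00.balsillie.house (the new vault-encrypted connection file's contents are not visible here) once the host moves to its configured network. Because the play runs with `become: true`, prefer supplying the bootstrap address at run time, e.g. `-e ansible_host=<temp address>`, and keep SSH host key checking enabled so root-level changes reach only the intended machine. The commented-out serial console play still names `hv00_balsillie_house`, which this commit removes from the inventory; change it to `hv00.balsillie.house` before re-enabling it.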
--- a/ansible/roles/archinstall/tasks/main.yml +++ b/ansible/roles/archinstall/tasks/main.yml @@ -39,6 +39,7 @@ # pacstrap # pacstrap -K /mnt/root base linux-lts linux-firmware nano openssh bind bash efibootmgr reflector screen pv pinentry sudo man-db man-pages texinfo ufw nftables intel-ucode e2fsprogs dosfstools curl cryptsetup +# sbctl fwupd fwupd-efi dmidecode udisks2 # gen fstab # genfstab -L /mnt/root >> /mnt/root/etc/fstab diff --git a/ansible/roles/serial_out/defaults/main.yaml b/ansible/roles/serial_console/defaults/main.yaml similarity index 100% rename from ansible/roles/serial_out/defaults/main.yaml rename to ansible/roles/serial_console/defaults/main.yaml diff --git a/ansible/roles/serial_out/handlers/main.yaml b/ansible/roles/serial_console/handlers/main.yaml similarity index 100% rename from ansible/roles/serial_out/handlers/main.yaml rename to ansible/roles/serial_console/handlers/main.yaml diff --git a/ansible/roles/serial_out/tasks/main.yaml b/ansible/roles/serial_console/tasks/main.yaml similarity index 100% rename from ansible/roles/serial_out/tasks/main.yaml rename to ansible/roles/serial_console/tasks/main.yaml diff --git a/ansible/roles/systemd_networkd/defaults/main.yaml b/ansible/roles/systemd_networkd/defaults/main.yaml index 9aec84f..e4502f5 100644 --- a/ansible/roles/systemd_networkd/defaults/main.yaml +++ b/ansible/roles/systemd_networkd/defaults/main.yaml @@ -1,3 +1,3 @@ default_network_services: Archlinux: - NetworkManager \ No newline at end of file + - NetworkManager.service \ No newline at end of file diff --git a/ansible/roles/systemd_networkd/tasks/main.yaml b/ansible/roles/systemd_networkd/tasks/main.yaml index fdee12c..57a5ffd 100644 --- a/ansible/roles/systemd_networkd/tasks/main.yaml +++ b/ansible/roles/systemd_networkd/tasks/main.yaml 
@@ -23,7 +23,11 @@ - Restart systemd-resolved - Restart systemd-networkd +- name: Get service facts + ansible.builtin.service_facts: + - name: Disable non-systemd networking services + when: item in ansible_facts.services ansible.builtin.service: name: "{{ item }}" state: stopped diff --git a/ansible/roles/systemd_networkd/templates/bridge.network.j2 b/ansible/roles/systemd_networkd/templates/bridge.network.j2 index f479207..85ad018 100644 --- a/ansible/roles/systemd_networkd/templates/bridge.network.j2 +++ b/ansible/roles/systemd_networkd/templates/bridge.network.j2 @@ -10,6 +10,6 @@ LinkLocalAddressing=False LLDP={{ item.lldp | default(true) }} {% if item.vlans is defined -%} {% for vlan in item.vlans -%} -VLAN={{ item.vlan }} +VLAN={{ vlan }} {% endfor -%} {% endif -%} \ No newline at end of file diff --git a/ansible/roles/zfs-install/defaults/main.yml b/ansible/roles/zfs-install/defaults/main.yml index 94bf561..90e414b 100644 --- a/ansible/roles/zfs-install/defaults/main.yml +++ b/ansible/roles/zfs-install/defaults/main.yml @@ -16,4 +16,6 @@ zfs_zpool_compression: lz4 zfs_zpool_type: mirror zfs_zpool_disk_a: /dev/disk/by-id/ata-Samsung_SSD_850_PRO_2TB_S3D4NX0J503633V zfs_zpool_disk_b: /dev/disk/by-id/ata-Samsung_SSD_850_PRO_2TB_S3D4NX0J708201E -zfs_backup_dataset: ssd/backup \ No newline at end of file +zfs_backup_dataset: ssd/backup + +zfs_key_id: DDF7DB817396A49B2A2723F7403BD972F75D9D76 \ No newline at end of file
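Review bot: The new `when: item in ansible_facts.services` in tasks/main.yaml skips silently whenever an entry is not an exact key of the service facts. On systemd hosts those keys carry the unit suffix, which is why the defaults in this commit change to `NetworkManager.service`. An override of `default_network_services` that uses a bare name would leave that service running next to systemd-networkd with no failure reported. A comment above the condition, `# service_facts keys are full unit names, e.g. NetworkManager.service`, would document the dependency. The task's loop and remaining arguments are outside this hunk.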