
add plays for alpha/beta gates

Blaine Story 1 year ago
parent
commit
81733cf713
2 changed files with 271 additions and 0 deletions
  1. 253 0
      plays/nodes/alphagate.yml
  2. 18 0
      plays/nodes/betagate.yml

+ 253 - 0
plays/nodes/alphagate.yml

@@ -0,0 +1,253 @@
+---
+- hosts: 10.0.0.2
+  gather_facts: true
+  become: true
+  vars_files:
+    - "{{ inventory_dir }}/vars/vault.yaml"
+
+  vars:
+    router_ingress_interface: enp3s0
+    router_egress_interface: tun0
+
+    dns_primary: 1.1.1.1
+    dns_secondary: 1.0.0.1
+
+    dhcp_cidr: 10.0.0.0/24
+    dhcp_domain: "home.arpa"
+    dhcp_range_start: 10.0.0.125
+    dhcp_range_end: 10.0.0.200
+    dhcp_gw_default: 10.0.0.1
+    dhcp_gw_secured: 10.0.0.2
+    dhcp_gw_betagate: 10.0.0.10
+    dhcp_interface: "{{ router_ingress_interface }}"
+
+    status_services:
+      - openvpn@proton
+      - isc-dhcp-server
+      - unbound
+
+    reservations:
+      - type: default
+        name: alphagate
+        mac: 00:e0:4c:68:01:ad # internal
+        ip: 10.0.0.2
+
+      - type: default
+        name: netgearap
+        mac: 94:a6:7e:58:3a:9f
+        #mac: 10:da:43:8c:a3:13
+        ip: 10.0.0.3
+
+      - type: secured
+        name: nas
+        mac: 04:7c:16:6e:db:ab
+        ip: 10.0.0.4
+
+      - type: secured
+        name: kodilv
+        mac: 6c:0b:84:e1:9b:61
+        ip: 10.0.0.5
+    
+      - type: secured
+        name: kodimb
+        mac: e4:5f:01:4f:7c:74
+        ip: 10.0.0.6
+    
+      - type: secured
+        name: kodijb
+        mac: 00:23:24:ad:2f:72
+        ip: 10.0.0.7
+    
+      - type: default
+        name: tvheadend
+        mac: 10:bf:48:4e:08:85
+        ip: 10.0.0.8
+    
+      - type: secured
+        name: arm
+        mac: 10:bf:48:d4:d5:fc
+        ip: 10.0.0.9
+
+      - type: cloudflare
+        name: betagate
+        mac: 00:e0:4c:68:01:84
+        ip: 10.0.0.10
+    
+      - type: devnull
+        name: ipcameras
+        mac: 9c:8e:cd:2e:51:9c
+        ip: 10.0.0.11
+    
+      - type: default
+        name: retropie
+        mac: b8:27:eb:42:71:dc
+        ip: 10.0.0.12
+    
+      - type: secured
+        name: nebula
+        mac: f4:4d:30:65:4d:1f
+        ip: 10.0.0.14
+    
+      - type: default
+        name: kitchen
+        mac: 60:f2:62:61:2d:71
+        ip: 10.0.0.15
+    
+      - type: default
+        name: x10
+        mac: b8:27:eb:7c:f3:ff
+        ip: 10.0.0.16
+    
+      - type: default
+        name: brother-print-server
+        mac: 80:1f:02:4a:cd:cf
+        ip: 10.0.0.17
+    
+      - type: default
+        name: dellxps
+        mac: f0:1f:af:36:0c:48
+        ip: 10.0.0.19
+    
+      - type: devnull
+        name: zoom
+        mac: 00:12:41:ba:5c:00
+        ip: 10.0.0.20
+    
+      - type: default
+        name: ricky-laptop-eth
+        mac: 50:a1:32:2a:fb:4c
+        ip: 10.0.0.21
+
+      - type: default
+        name: ricky-laptop-wifi
+        mac: 10:6f:d9:b0:1a:71
+        ip: 10.0.0.22
+    
+      # will set cameras to 10.0.0.30
+    
+      - type: default
+        name: nixos-laptop
+        mac: 28:d2:44:d8:7f:95
+        ip: 10.0.0.40
+    
+      # Ricky's new laptop wifi manually set to 10.0.0.41
+    
+      # Ricky's old laptop manually set to 10.0.0.42
+    
+      # Ricky's new laptop ethernet manually set to 10.0.0.43
+    
+      - type: betagate
+        name: blaine-work-laptop
+        mac: 08:3a:88:57:ab:fa
+        ip: 10.0.0.45
+    
+      - type: default
+        name: s7
+        mac: 8c:f5:a3:6a:55:f6
+        ip: 10.0.0.51
+    
+      - type: default
+        name: lemp12-ethernet
+        mac: f8:e4:3b:e5:3d:e5
+        ip: 10.0.0.52
+    
+      - type: default
+        name: lemp12-wifi
+        mac: c4:d0:e3:53:ed:00
+        ip: 10.0.0.53
+    
+      - type: default
+        name: blaine-iphone
+        mac: f0:a3:5a:95:b4:cd
+        ip: 10.0.0.54
+    
+      - type: default
+        name: xen-titanium
+        mac: f0:57:a6:87:50:23
+        ip: 10.0.0.55
+
+      - type: secured
+        name: t440s-eth
+        mac: 68:f7:28:21:36:60
+        ip: 10.0.0.56
+
+      - type: secured
+        name: t440s-wifi
+        mac: a4:c4:94:df:2f:c3
+        ip: 10.0.0.57
+    
+        # rancher server
+      - type: default
+        name: rancher
+        mac: 6c:0b:84:e0:d2:a0
+        ip: 10.0.0.60
+    
+        # rancher master
+      - type: default
+        name: rke-m01
+        mac: 6c:0b:84:e1:9b:61
+        ip: 10.0.0.61
+    
+        # rancher worker1
+      - type: default
+        name: rke-w01
+        mac: 00:23:24:b4:d3:3b
+        ip: 10.0.0.62
+    
+        # rancher worker2
+      - type: default
+        name: rke-w02
+        mac: 00:23:24:c7:25:bf
+        ip: 10.0.0.63
+    
+        # rancher worker3
+      - type: default
+        name: rke-w03
+        mac: 00:23:24:c7:1d:fb
+        ip: 10.0.0.64
+    
+    
+        # extra kodi box?
+      - type: default
+        name: unknown
+        mac: f8:e4:3b:bb:0c:c8
+        ip: 10.0.0.65
+    
+        # MetalLB VIP
+      - type: default
+        name: rke
+        mac: ff:ff:ff:ff:ff:ff # not a real box
+        ip: 10.0.0.70
+
+      - type: cloudflare
+        name: julie-macbook-air
+        mac: 10:b5:88:5d:70:c9
+        ip: 10.0.0.89
+    
+      - type: cloudflare
+        name: julie-macbook
+        mac: b8:8d:12:36:f1:16
+        ip: 10.0.0.90
+    
+      # Ken is using 10.0.0.91
+    
+      - type: devnull
+        name: cameradvr
+        mac: 00:12:41:12:e5:22
+        ip: 10.0.0.158
+    
+      - type: devnull
+        name: backyard-camera
+        mac: 00:2a:2a:5c:06:9a
+        ip: 10.0.0.173
+    
+      - type: default
+        name: netgear-switch1
+        mac: cc:40:d0:4c:3a:b6
+        ip: 10.0.0.254
+
+  roles:
+    - role: router
+    - role: openvpn
+    - role: name-resolution
+    - role: statusservices
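Review bot: Two reservations carry the same hardware address: `kodilv` (secured, 10.0.0.5) and `rke-m01` (default, 10.0.0.61) both list `mac: 6c:0b:84:e1:9b:61`, so which address and gateway class that machine receives depends on how the DHCP server resolves the clash. One of the two entries should be corrected or dropped; because `type` appears to select the gateway handed to the client, a duplicate can quietly move a host from the secured path to the default one. A pre-task asserting that every `mac` and `ip` in `reservations` is unique would catch this before the router role renders its config, as sketched below. Separately, the MAC values are unquoted; none of the current ones is digits-only, but quoting them avoids the YAML 1.1 sexagesimal-integer trap for a future entry.

```yaml
  # … unchanged: hosts, gather_facts, become, vars_files, vars (including reservations) …
  pre_tasks:
    - name: Refuse to continue when reservations reuse a MAC or an IP
      ansible.builtin.assert:
        that:
          - "(reservations | map(attribute='mac') | unique | length) == (reservations | length)"
          - "(reservations | map(attribute='ip') | unique | length) == (reservations | length)"
        fail_msg: "duplicate mac or ip in reservations"

  roles:
```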

+ 18 - 0
plays/nodes/betagate.yml

@@ -0,0 +1,18 @@
+---
+- hosts: betagate
+  gather_facts: true
+  become: true
+  vars_files:
+    - "{{ inventory_dir }}/vars/vault.yaml"
+
+  vars:
+    router_ingress_interface: enp2s0
+    router_egress_interface: tun0
+
+    status_services:
+      - openvpn@proton
+
+  roles:
+    - role: router
+    - role: openvpn
+    - role: statusservices
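Review bot: Nothing in this play states what should happen to forwarded traffic when `tun0` is down, and the only monitored unit is `openvpn@proton`. If betagate is meant to be a VPN-only gateway, the fail-closed behaviour presumably lives in the `router` role, which is not visible here. It is worth recording that expectation in the play, e.g. `# router role must drop forwarded traffic while tun0 is absent (fail closed) - confirm`. The same comment would apply to `alphagate.yml`, which also sets `router_egress_interface: tun0`. A short header comment saying that this host is the gateway handed out as `dhcp_gw_betagate` (10.0.0.10) would also help readers connect the two files.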