3 tahun lalu · bbea21eef4
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -8,6 +8,12 @@ main_groupname: "{{ main_username }}"
 
				 main_uid: 1558
			
 
				 main_gid: 3333
			
 
				 
			
 
				+server_home_subdomains:
			
 
				+  - git
			
 
				+  - transmission
			
 
				+  - qbittorrent
			
 
				+  - sickchill
			
 
				+
			
 
				 # ssh keys
			
 
				 ssh_root_keys:
			
 
				   # Blaine iPhone
			
@@ -60,6 +66,37 @@ ssh_ansible_keys:
 
				   # NAS
			
 
				   - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJmyvKWjJLJl6755J9iMCneeaOGZhVvv9PWfwsG3Cl7i root@nas
			
 
				 
			
 
				+common_pkgs:
			
 
				+  - bash-completion
			
 
				+  - vim
			
 
				+  - nano
			
 
				+  - htop
			
 
				+  - tmux
			
 
				+  - rsync
			
 
				+  - lsof
			
 
				+  - iftop
			
 
				+#  - nethogs
			
 
				+  - net-tools
			
 
				+  - curl
			
 
				+  - wget
			
 
				+#  - inxi
			
 
				+  - smartmontools
			
 
				+  - sysstat
			
 
				+  - tcpdump
			
 
				+  - iptraf-ng
			
 
				+  - dstat
			
 
				+  - pv
			
 
				+  - ncdu
			
 
				+#  - moreutils # for ts
			
 
				+#  - glances
			
 
				+
			
 
				+common_pkgs_rpm:
			
 
				+  - "{{ 'policycoreutils-python' if ansible_distribution == 'CentOS' and ansible_distribution_major_version == '7' else 'policycoreutils-python-utils' }}"
			
 
				+  - nmap-ncat
			
 
				+
			
 
				+common_pkgs_deb:
			
 
				+  - netcat-openbsd
			
 
				+
			
 
				 # backblaze b2 cloud backups
			
 
				 b2_account_key: "{{ vaulted_b2_account_key }}"
			
 
				 b2_key_id: "{{ vaulted_b2_key_id }}"
			
--- a/group_vars/dhcp.yml
+++ b/group_vars/dhcp.yml
@@ -1,22 +1,31 @@
 
				 ---
			
 
				+dns_primary: 1.1.1.1
			
 
				+dns_secondary: 1.0.0.1
			
 
				+dns_over_https: false
			
 
				 
			
 
				-default_domain: "server.home"
			
 
				-default_dns: 10.0.0.2
			
 
				-default_lease: 600
			
 
				-max_lease: 7200
			
 
				+gateway_server_ip: 192.168.122.2
			
 
				+actual_gateway_ip: 192.168.122.1
			
 
				+wireguard_server_ip: 10.0.0.8 # static route to webers through this server
			
 
				+# TODO split out static route in dhcpd.conf.j2 (currently hardcoded)
			
 
				+
			
 
				+dhcp_cidr: 192.168.122.0
			
 
				+dhcp_netmask: 255.255.255.0
			
 
				+dhcp_range_start: 192.168.122.200
			
 
				+dhcp_range_end: 192.168.122.230
			
 
				+dhcp_routers: "{{ actual_gateway_ip }}"
			
 
				 
			
 
				 subnets:
			
 
				-  - cidr: 10.0.0.0
			
 
				-    netmask: 255.255.255.0
			
 
				-    range_start: 10.0.0.100
			
 
				-    range_end: 10.0.0.200
			
 
				-    routers: 10.0.0.1
			
 
				-    subnet_domain: "{{ default_domain }}"
			
 
				-    subnet_default_lease: "{{ default_lease }}"
			
 
				-    subnet_max_lease: "{{ max_lease }}"
			
 
				+  - cidr: 192.168.122.0
			
 
				+    netmask: 255.255.255.0 # /24
			
 
				+    range_start: 192.168.122.200
			
 
				+    range_end: 192.168.122.230
			
 
				+    routers: 192.168.122.1
			
 
				+allowed_access_cidrs:
			
 
				+  - 192.168.122.0/24
			
 
				+
			
 
				 
			
 
				 reservations:
			
 
				-- type: default
			
 
				+  - type: default
			
 
				     name: gateway
			
 
				     mac: 1c:69:7a:0f:d3:a4
			
 
				     ip: 10.0.0.2
			
@@ -137,11 +146,6 @@ reservations:
 
				     mac: f0:a3:5a:95:b4:cd
			
 
				     ip: 10.0.0.54
			
 
				 
			
 
				-  - type: default
			
 
				-    name: blaine-iphone
			
 
				-    mac: f0:a3:5a:95:b4:cd
			
 
				-    ip: 10.0.0.54
			
 
				-
			
 
				   - type: cloudflare
			
 
				     name: julie-macbook
			
 
				     mac: b8:8d:12:36:f1:16