WIP: new z9 ccchh router #98
22 changed files with 17 additions and 17 deletions
z9-router(host): rename rt1 to z9-router
commit
3a091f7aa5
SSH key fingerprint:
SHA256:KybIk/tusSKao6eLGY+ILlFa1rCrzwx66/acBAcKUqE
|
|
@ -1,8 +1,8 @@
|
||||||
secrets__secrets:
|
secrets__secrets:
|
||||||
- name: ENC[AES256_GCM,data:MmqDXUKy+U67JZFmKJTGLYAJcYPClQ8M2w==,iv:/eDx++bJCzdKXYB8YipB/GB6aM421JR3sy8i5trBKxk=,tag:/zTklys9bN839iT1qOH0UQ==,type:str]
|
- name: ENC[AES256_GCM,data:gt9BarzsfE/GJ5gQeelgePquW6KAgE3Exv4=,iv:IPpUQI+zkf8O+ej+ZxLFyWUOrxGGlZvmDRG0ut2cNsA=,tag:GP66MvcKyCqyKV814+uMYg==,type:str]
|
||||||
content: ENC[AES256_GCM,data:2ljp324rAsF2zk2631TI7bV1xKxdFr4u4NxrsPYnjWsL0PX0n0KhJ1qvJCs=,iv:0+DxsTTiNLOg5iH83bFT/d+0uW2rn6bATSm3xc5PEdE=,tag:XbBDrrjriXPedyT4+sBBwA==,type:str]
|
content: ENC[AES256_GCM,data:2ljp324rAsF2zk2631TI7bV1xKxdFr4u4NxrsPYnjWsL0PX0n0KhJ1qvJCs=,iv:0+DxsTTiNLOg5iH83bFT/d+0uW2rn6bATSm3xc5PEdE=,tag:XbBDrrjriXPedyT4+sBBwA==,type:str]
|
||||||
- name: ENC[AES256_GCM,data:9i4hZU7Hv/IMlI/1oYthx8g57nrst9LHZQk=,iv:IQanD/CA64A+hVyTQBiTvWdXyY8qNF9BpehWZxI5a9c=,tag:RiY0OJe2xbFPG6wfe5XjiA==,type:str]
|
- name: ENC[AES256_GCM,data:9i4hZU7Hv/IMlI/1oYthx8g57nrst9LHZQk=,iv:IQanD/CA64A+hVyTQBiTvWdXyY8qNF9BpehWZxI5a9c=,tag:RiY0OJe2xbFPG6wfe5XjiA==,type:str]
|
||||||
content: ENC[AES256_GCM,data:lrwHaNvHkh5E94ziiQsd8ua9YvuwmhZ6iIGZS0oFnZdYKuyNh7egWOoii2o=,iv:LLRKhbiJl1GwK/SfqNdNrrJuDF17YXw3hHmuhlyI87w=,tag:DbR/a7jfy1+4yswSdYfOFA==,type:str]
|
content: ENC[AES256_GCM,data:68GUwG1Q2s2jH92HS0FQWrcMHJP8fHjrOqr21gsdswxKekQrpxX5B3BBFfM=,iv:HOsNUAKE5rOmKgZft2JK1NnZUuhk261d9WYWJS22nLM=,tag:3husFvB57AGVFzF7hKzLpw==,type:str]
|
||||||
- name: ENC[AES256_GCM,data:2lJUcDJ7ECJ1bF4Fg1VwOR2tBIQ77ZvDAbFF8w==,iv:HrPWIetjN/lOyQ7Mvk0sM1w+bWldlNfWhvw7/sfqKN8=,tag:AJL0s+f0O/yR4G3RVd1IHQ==,type:str]
|
- name: ENC[AES256_GCM,data:2lJUcDJ7ECJ1bF4Fg1VwOR2tBIQ77ZvDAbFF8w==,iv:HrPWIetjN/lOyQ7Mvk0sM1w+bWldlNfWhvw7/sfqKN8=,tag:AJL0s+f0O/yR4G3RVd1IHQ==,type:str]
|
||||||
content: ENC[AES256_GCM,data:68GUwG1Q2s2jH92HS0FQWrcMHJP8fHjrOqr21gsdswxKekQrpxX5B3BBFfM=,iv:HOsNUAKE5rOmKgZft2JK1NnZUuhk261d9WYWJS22nLM=,tag:3husFvB57AGVFzF7hKzLpw==,type:str]
|
content: ENC[AES256_GCM,data:68GUwG1Q2s2jH92HS0FQWrcMHJP8fHjrOqr21gsdswxKekQrpxX5B3BBFfM=,iv:HOsNUAKE5rOmKgZft2JK1NnZUuhk261d9WYWJS22nLM=,tag:3husFvB57AGVFzF7hKzLpw==,type:str]
|
||||||
- name: ENC[AES256_GCM,data:ESxpEp9k9BdD1GJv+af+U3ny0+RPuaJjWDhQ,iv:DxsZLiDF8F+ixepbUdlitMJ7DLHjGNFNuxRwLl7efo8=,tag:STnv/oLzbchdiwXfKP3fow==,type:str]
|
- name: ENC[AES256_GCM,data:ESxpEp9k9BdD1GJv+af+U3ny0+RPuaJjWDhQ,iv:DxsZLiDF8F+ixepbUdlitMJ7DLHjGNFNuxRwLl7efo8=,tag:STnv/oLzbchdiwXfKP3fow==,type:str]
|
||||||
|
|
@ -18,8 +18,8 @@ secrets__secrets:
|
||||||
- name: ENC[AES256_GCM,data:ERsggezMBbs1YwbIgwzKSAEHWWOWYxap8IDdn2YtEKvZexqu,iv:XbObLp2QERgt57tc/Cpha1CWXi+GttcIU8hJFGSp8e8=,tag:FqCuSbvLRERpVnQTzQsfpQ==,type:str]
|
- name: ENC[AES256_GCM,data:ERsggezMBbs1YwbIgwzKSAEHWWOWYxap8IDdn2YtEKvZexqu,iv:XbObLp2QERgt57tc/Cpha1CWXi+GttcIU8hJFGSp8e8=,tag:FqCuSbvLRERpVnQTzQsfpQ==,type:str]
|
||||||
content: ENC[AES256_GCM,data:QPoZA71CwE8EFE0I+6z0z0O1bUCMQDDDG7wGNoxXKt3ovLkFt21r8WG7VhA=,iv:InX6A71f3DGTg1wO4G0ECf488+FnKgTHffVwvJ9hHQ0=,tag:EVxwJlneN1CbMLXto7uLFw==,type:str]
|
content: ENC[AES256_GCM,data:QPoZA71CwE8EFE0I+6z0z0O1bUCMQDDDG7wGNoxXKt3ovLkFt21r8WG7VhA=,iv:InX6A71f3DGTg1wO4G0ECf488+FnKgTHffVwvJ9hHQ0=,tag:EVxwJlneN1CbMLXto7uLFw==,type:str]
|
||||||
sops:
|
sops:
|
||||||
lastmodified: "2026-05-23T21:19:38Z"
|
lastmodified: "2026-05-25T16:29:22Z"
|
||||||
mac: ENC[AES256_GCM,data:Ded0VfGn8H2qGMk5LDyqF1gW8hajKc9FgvCynHPQkWkhMSdaHYbFwf//gWi2TjIO22HD5sPw1w9KAjPy53b57RwBCjXfMMq0JCPvuePLK40NC8uCAi+wr5Er0fAWz1JiaA+dowposoi6RxBtyHCaNHMDVGMLh1j+IL+pTOyi6fk=,iv:gssOMmR0DDQC4WjMVXTD/zqbQa8qlBr9ZZWF15W0WnE=,tag:DORTxQfCmpVjDjyGSNH7dw==,type:str]
|
mac: ENC[AES256_GCM,data:zxtV1xgjQuKNMvh6S8oAOxX5J6+iBRO6k3vGw3vWNlhah4Gu3S/lt+5v8lQHogz1Vyc+Zff0yMj1cn6RstDDj5AuOCljRQN0FYs0fjCo4Yrxx5sMMwcwBYquC77skEiZhRnqdXKkjiOM7EGE8qj8O3DJ29borIjm5NAsflH/qkA=,iv:7EUElg+gu8mk2Gq32JQMTf+A1+ZhZufoqt5bk4+Ca1E=,tag:XG+F/zlXizsc2B8THoXj4g==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2026-05-23T20:58:22Z"
|
- created_at: "2026-05-23T20:58:22Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
systemd_networkd__config_dir: 'resources/z9/rt1/systemd_networkd/'
|
systemd_networkd__config_dir: 'resources/z9/z9-router/systemd_networkd/'
|
||||||
systemd_networkd__global_config: "{{ lookup('ansible.builtin.file', 'resources/z9/rt1/systemd_networkd_global_config.conf') }}"
|
systemd_networkd__global_config: "{{ lookup('ansible.builtin.file', 'resources/z9/z9-router/systemd_networkd_global_config.conf') }}"
|
||||||
nftables__config: "{{ lookup('ansible.builtin.file', 'resources/z9/rt1/nftables/nftables.conf') }}"
|
nftables__config: "{{ lookup('ansible.builtin.file', 'resources/z9/z9-router/nftables/nftables.conf') }}"
|
||||||
ansible_pull__timer_on_calendar: "*-*-* 04:00:00 Europe/Berlin"
|
ansible_pull__timer_on_calendar: "*-*-* 04:00:00 Europe/Berlin"
|
||||||
ansible_pull__timer_randomized_delay_sec: 0min
|
ansible_pull__timer_randomized_delay_sec: 0min
|
||||||
unbound_access_control: [ "10.89.208.0/20" ]
|
unbound_access_control: [ "10.89.208.0/20" ]
|
||||||
kea_dhcp__include_vars: resources/z9/rt1/kea_dhcp.yaml
|
kea_dhcp__include_vars: resources/z9/z9-router/kea_dhcp.yaml
|
||||||
|
|
@ -14,8 +14,8 @@ all:
|
||||||
yate:
|
yate:
|
||||||
ansible_host: yate.ccchh.net
|
ansible_host: yate.ccchh.net
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
rt1:
|
z9-router:
|
||||||
|
bitwhisker marked this conversation as resolved
Outdated
|
|||||||
ansible_host: rt1.ccchh.net
|
ansible_host: z9-router.ccchh.net
|
||||||
ansible_user: chaos
|
ansible_user: chaos
|
||||||
certbot_hosts:
|
certbot_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
|
|
@ -38,7 +38,7 @@ infrastructure_authorized_keys_hosts:
|
||||||
light:
|
light:
|
||||||
waybackproxy:
|
waybackproxy:
|
||||||
yate:
|
yate:
|
||||||
rt1:
|
z9-router:
|
||||||
nginx_hosts:
|
nginx_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
dooris:
|
dooris:
|
||||||
|
|
@ -52,22 +52,22 @@ proxmox_vm_template_hosts:
|
||||||
thinkcccore0:
|
thinkcccore0:
|
||||||
systemd_networkd_hosts:
|
systemd_networkd_hosts:
|
||||||
|
bitwhisker marked this conversation as resolved
Outdated
june
commented
If we configure ansible-pull variables above, the host should also be added to the relevant host group. (However an ansible-pull age private key is still missing.) If we configure ansible-pull variables above, the host should also be added to the relevant host group. (However an ansible-pull age private key is still missing.)
|
|||||||
hosts:
|
hosts:
|
||||||
rt1:
|
z9-router:
|
||||||
nftables_hosts:
|
nftables_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
rt1:
|
z9-router:
|
||||||
unbound_hosts:
|
unbound_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
rt1:
|
z9-router:
|
||||||
kea_dhcp_hosts:
|
kea_dhcp_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
rt1:
|
z9-router:
|
||||||
alloy_hosts:
|
alloy_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
light:
|
light:
|
||||||
yate:
|
yate:
|
||||||
dooris:
|
dooris:
|
||||||
rt1:
|
z9-router:
|
||||||
ansible_pull_hosts:
|
ansible_pull_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
dooris:
|
dooris:
|
||||||
|
|
@ -76,4 +76,4 @@ ansible_pull_hosts:
|
||||||
yate:
|
yate:
|
||||||
secrets_hosts:
|
secrets_hosts:
|
||||||
hosts:
|
hosts:
|
||||||
rt1:
|
z9-router:
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue
It's fine, just feel like
rt1is one of those obscure names again, which gives more trouble than benefit.do you have an idea/a proposal for a better name?
maybe z9-router or something like that?
I would say it would not be a good idea to name it just router,
because of the indirect name collision with the chaosknoten router.
Oh, that totally makes sense. I'm fine with the name, if others really like it, but personally I would prefer something like
z9-routerindeed.