finito

155f25c0 · jorge.leitemac · 7712d3f3 · 155f25c0 · 155f25c0 · 155f25c0
Commit 155f25c0 authored 2 years ago by jorge.leitemac
--- a/hosts/vars/H2/main.yaml
+++ b/hosts/vars/H2/main.yaml
@@ -6,6 +6,10 @@ if0:
  netmask: 255.255.255.0
  gateway: 3.0.0.2

+nginx_address: "10.0.0.2"
+port_nginx: 80
+nginx_allow_ip: "10.0.0.1/24"
+
 wg_endpoint: "1.0.0.3:51820"
 server_name: "1.0.0.3"
 listen_port: 51820

--- a/pb2.yml
+++ b/pb2.yml
@@ -40,6 +40,7 @@
        state: restarted


+
 - name: Configurer wireguard
  hosts: hosts
  become: yes
@@ -79,7 +80,8 @@
        src: templates/ngnx.conf.j2
        dest: /etc/nginx/sites-available/default
      vars:
-        s_ip: "{{ wg_address }}"
+        listen: "{{ nginx_address }}:{{ port_nginx }} "
+        allow_ip: "{{ nginx_allow_ip }}"
      notify: Restart Nginx

    - name: Configurer la page web avec Nginx
@@ -90,8 +92,6 @@
        wg_ip: "{{ wg_address }}"
      notify: Restart Nginx
    
-    
-
  handlers:
    # Redémarrer Nginx
    - name: Restart Nginx
@@ -109,7 +109,6 @@
    - name: Test de connexion avec curl
      shell: curl -I -m 5 http://10.0.0.2:80
      register: result
-      ignore_errors: yes

    - name: Afficher le résultat
      debug:

--- a/playbook.yml
+++ b/playbook.yml
 # playbook.yml

-# Configuration des interfaces réseaux pour les hosts
+# Configuration des interfaces réseaux et des routes pour les hosts
 - hosts: hosts
  become: yes
  vars_files:
@@ -14,7 +14,7 @@

    - name: Configure interface {{ if0.name }}
      template:
-        src: templates/iface_hosts.j2
+        src: templates/iface.j2
        dest: "{{ interfaces_path }}{{ if0.name }}"
      vars:
        iface: "{{ if0.name }}"
@@ -29,7 +29,7 @@
        name: networking
        state: restarted

-# Configuration des interfaces réseaux pour les routers
+# Configuration des interfaces réseaux et des routes pour les routers
 - hosts: routers
  become: yes
  vars_files: routers/vars/{{ inventory_hostname }}/main.yaml
@@ -47,17 +47,19 @@

  - name: Configure interface {{ if0.name }}
    template:
-      src: templates/iface_router.j2
+      src: templates/iface.j2
      dest: "{{ interfaces_path }}{{ if0.name }}"
    vars:
      iface: "{{ if0.name }}"
      address: "{{ if0.address }}"
      netmask: "{{ if0.netmask }}"
+      reseau_dist: "{{ route_to_add }}"
+      gw: "{{ default_r }}"
    notify: Restart networking

  - name: Configure interface {{ if1.name }}
    template:
-      src: templates/iface_router.j2
+      src: templates/iface.j2
      dest: "{{ interfaces_path }}{{ if1.name }}"
    vars:
      iface: "{{ if1.name }}"
@@ -71,27 +73,6 @@
        name: networking
        state: restarted
  
-# ajout des routes manuellement après car sinon le nexthop n'existe pas car R2 n'est pas encore configuré
- hosts: routers
-  become: yes
-  vars_files: routers/vars/{{ inventory_hostname }}/main.yaml
-
-  tasks:
-    - name: Add post-up routes to interfaces file
-      blockinfile:
-        path: "{{ interfaces_path }}eth0"
-        marker: "# {mark} ANSIBLE MANAGED BLOCK2"
-        block: |
-          post-up ip route replace default via {{ default_r }}
-          post-up ip route add {{ route_to_add }} via {{ default_r }} dev eth0
-      notify: Restart networking
-
-  handlers:
-    - name: Restart networking 
-      ansible.builtin.service:
-        name: networking
-        state: restarted
-  
 # Test de ping entre les hosts
 - hosts: H1
  become: yes

--- a/routers/vars/R1/main.yaml
+++ b/routers/vars/R1/main.yaml
@@ -5,7 +5,6 @@ if0:
  name: eth0
  address: 2.0.0.1
  netmask: 255.255.255.0
-
 if1:
  name: eth1
  address: 1.0.0.1

--- a/templates/iface.j2
+++ b/templates/iface.j2
+auto {{ iface }}
+iface {{ iface }} inet static
+address {{ address }}
+netmask {{ netmask }}
+{% if 'H' in inventory_hostname %}
+    post-up ip route replace default via {{ if0.gateway }}
+{% elif '0' in iface and 'R' in inventory_hostname %}
+    post-up ip route add {{ reseau_dist }} via {{ gw }} dev eth0
+{% endif %}
\ No newline at end of file
--- a/templates/iface_hosts.j2
+++ b/templates/iface_hosts.j2
-auto {{ if0.name }}
-iface {{ if0.name }} inet static
-address {{ if0.address }}
-netmask {{ if0.netmask }}
-{% if 'hosts' in group_names %}
-  post-up ip route replace default via {{ if0.gateway }}
-{% endif %}
--- a/templates/iface_router.j2
+++ b/templates/iface_router.j2
-auto {{ iface }}
-iface {{ iface }} inet static
-address {{ address }}
-netmask {{ netmask }}
--- a/templates/ngnx.conf.j2
+++ b/templates/ngnx.conf.j2
 server {

-    listen 10.0.0.2:80;
+    listen {{ listen }};
    server_name _;

-    allow 10.0.0.1/24;
+    allow {{ allow_ip }};
    deny all;