From 0854fd206efc3f5ed093fcf2e87ed64d027c7685 Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 12 Aug 2018 14:27:15 -0500 Subject: [PATCH] hosts: Add smtp1.p.b *smtp1.pyrocufflink.blue* is a VM that will replace *smtp0.pyrocufflink.blue*, a Raspberry Pi. I decided that there is little use in having the availability guarantee of a discreet machine for the SMTP relay. The only system that would NEED to send mail if the VM host fails is Zabbix, which operates as its own relay anyway. As such, the main relay can be a VM, and the Raspberry Pi can be repurposed as a recursive DNS server. --- host_vars/smtp1.pyrocufflink.blue/main.yml | 11 +++++++++++ host_vars/smtp1.pyrocufflink.blue/vault | 8 ++++++++ hosts | 2 ++ roles/ssh-hostkeys/files/ssh_known_hosts | 3 +++ 4 files changed, 24 insertions(+) create mode 100644 host_vars/smtp1.pyrocufflink.blue/main.yml create mode 100644 host_vars/smtp1.pyrocufflink.blue/vault diff --git a/host_vars/smtp1.pyrocufflink.blue/main.yml b/host_vars/smtp1.pyrocufflink.blue/main.yml new file mode 100644 index 0000000..dfb9ac3 --- /dev/null +++ b/host_vars/smtp1.pyrocufflink.blue/main.yml @@ -0,0 +1,11 @@ +smtp_username: '{{ ansible_fqdn }}' +smtp_password: '{{ vault_smtp_password }}' +smtp_inet_interfaces: all +# TODO: Dynamically calculate these +smtp_mynetworks: +- 172.30.0.0/26 +- 172.31.0.0/27 +- '[fd99:8cd7:6528:fe1e::]/64' +- '[fd99:8cd7:6528::]/64' +- '[2605:6000:3ccd:da1e::]/64' +- '[2605:6000:3ccd:da01::]/64' diff --git a/host_vars/smtp1.pyrocufflink.blue/vault b/host_vars/smtp1.pyrocufflink.blue/vault new file mode 100644 index 0000000..eb17e97 --- /dev/null +++ b/host_vars/smtp1.pyrocufflink.blue/vault @@ -0,0 +1,8 @@ +$ANSIBLE_VAULT;1.1;AES256 +39323632366639663466613963386638626664323666616164353365376630333035383236663061 +6437376261363436633431393766333837633161623032300a366132393366396463333136663863 +66396439663734393837366461346138636530363366303562646262313931626632326531666433 +3338316133623739350a633333656366393935363834366633326239346332333664353537373664 +61353437653263666261613033663532363939396332666265656138643664363436646138343734 +32356134353034623161353533336635306162353939666437636637356235363861626430653738 +633661656535353137373233666566313238 diff --git a/hosts b/hosts index 290e555..ad3d73a 100644 --- a/hosts +++ b/hosts @@ -73,6 +73,7 @@ jenkins0.pyrocufflink.blue koji0.pyrocufflink.blue rprx0.pyrocufflink.blue smtp0.pyrocufflink.blue +smtp1.pyrocufflink.blue vmhost0.pyrocufflink.blue web0.pyrocufflink.blue zbx0.pyrocufflink.blue @@ -92,6 +93,7 @@ dc1.pyrocufflink.blue [smtp-relay] smtp0.pyrocufflink.blue +smtp1.pyrocufflink.blue [smtp-relay:children] zabbix-server diff --git a/roles/ssh-hostkeys/files/ssh_known_hosts b/roles/ssh-hostkeys/files/ssh_known_hosts index 8b1931f..eb05827 100644 --- a/roles/ssh-hostkeys/files/ssh_known_hosts +++ b/roles/ssh-hostkeys/files/ssh_known_hosts @@ -52,3 +52,6 @@ koji0.pyrocufflink.blue ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHsxeHFHrDxfPSrX0xFy burp0.pyrocufflink.blue ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGw4fDPocAgCyZbCzc1vV/cwUc8nOMuDB3bMM7t3pI1ju8HZqyRydfxa1ZpbeS2kK/UEuiyHm3c6H8kqN8IbZ3o= burp0.pyrocufflink.blue ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxxSpmOyn7xfiF/imUefpXIVhAy9wfi/LCFGTgMJY5oapyrH0ADuqgsBb8rdys3kR4pzAjdpfHND9F+Xo1FSlzQ9JvzJoij3jTiW5o1DIjBBzAwkSZcbTARj1eOf5Yr/K28pZLGDiiDT52VWwtmxMmcFCKoOEyuXMIUYPBGU0/JBylS7ZkFs9RO0IDct5/TumSeeqYJ6jhcYNZ8zY0KlvD4tVxtJ2gGxEAWNCBGGtm4I/JUvHn4STVoex5H75hLYJjUqjBMD37+cYVl084DACGmLeWfSJ96E6n9q931XnCpOSY8sziZAJ+IhwOtdQ88SA2y9SdahosbSW50mJvESrT burp0.pyrocufflink.blue ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzjKUePu8mb1c+Vry5x0zuFd0vWTR+gnh011QMtkjQt +smtp1.pyrocufflink.blue ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEl6BGcP1jduWmbZpr74JgpwUVqTrO7xP1AuAUoVTBcUkUd7bI5mLSdtJw6kye/HXxIda7YtwNHf28Mxajb0B24= +smtp1.pyrocufflink.blue ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsPAhJA+iUJW3vtUEujSZKRCavblfAxYHukDPgvzW4+jaWzQkok9LifZMcMQNLRr2Yw3jo9vyxqvF2d/ptRJnk/dNdvfx9FCKLD9K4xywRqlxaJ/g4joOikPTC75XDiwNv+LHFLaB4PyQ8nmMeu2TzDBvKAXgOIwjdySQXsdDyECdyJ76vHaUjI42T5pHJHIojahfSSAmOqEZdp9x7gpo/KGwcgXxesJ8mFJTjGE5SfEoYXekwxfFmnB+mKSiB80kh9jhjkHioRGz/138/JwBPU1wp4S+PYKHIlYb92RdEo/RUqpiYQTiEckB8KJAwBIUVHwJ5dO745ylLnLBCMX8f +smtp1.pyrocufflink.blue ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtM5xa8DfADYSduknSLopT1wo14MTqEi7C/z2jgGXx2