114 lines
2.9 KiB
YAML
114 lines
2.9 KiB
YAML
sshca_url: https://sshca.pyrocufflink.blue
|
|
ssh_trusted_user_ca_keys: >-
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyi18IfxAf9wLnyffnMrThYpqxVwu0rsuiLoqW6rcwF sshca.pyrocufflink.blue
|
|
|
|
certbot_account_email: dustin@hatch.name
|
|
smtp:
|
|
mode: relay
|
|
host: mail.pyrocufflink.blue
|
|
|
|
dch_networks:
|
|
jazz:
|
|
description: Legacy network
|
|
vlan_id: 1
|
|
ipv4_address: 172.31.0.0/27
|
|
router_iface: vlan1
|
|
dns_search:
|
|
- pyrocufflink.jazz
|
|
dns_servers:
|
|
- fd99:8cd7:6528:fe1e::4:1
|
|
- fd99:8cd7:6528:fe1e::3:1
|
|
dns_servers_v4:
|
|
- 172.30.0.4
|
|
sla_id: 1
|
|
ntp_servers:
|
|
- tyrande.pyrocufflink.jazz
|
|
|
|
mgmt:
|
|
description: Management network
|
|
vlan_id: 10
|
|
router_iface: vlan10
|
|
ipv4_address: 172.30.0.240/28
|
|
ntp_servers:
|
|
- dc0.pyrocufflink.blue
|
|
dns_servers_v4:
|
|
- 172.30.0.4
|
|
|
|
blue:
|
|
description: pyrocufflink.blue AD domain members only
|
|
vlan_id: 30
|
|
ipv4_address: 172.30.0.0/26
|
|
ipv6_address: fd99:8cd7:6528:fe1e::/64
|
|
router_iface: vlan30
|
|
dns_search:
|
|
- pyrocufflink.blue
|
|
dns_servers:
|
|
- fd99:8cd7:6528:fe1e::4:1
|
|
- fd99:8cd7:6528:fe1e::3:1
|
|
dns_servers_v4:
|
|
- 172.30.0.4
|
|
sla_id: 30
|
|
ntp_servers:
|
|
- dc0.pyrocufflink.blue
|
|
|
|
red:
|
|
description: Non-domain member machines
|
|
vlan_id: 101
|
|
ipv4_address: 172.31.1.0/24
|
|
router_iface: vlan101
|
|
dns_servers:
|
|
- fd99:8cd7:6528:fe1e::4:1
|
|
- fd99:8cd7:6528:fe1e::3:1
|
|
dns_servers_v4:
|
|
- 172.30.0.4
|
|
sla_id: 101
|
|
ntp_servers:
|
|
- dc0.pyrocufflink.blue
|
|
|
|
guest:
|
|
description: Guest Wi-Fi
|
|
vlan_id: 100
|
|
ipv4_address: 172.24.100.0/24
|
|
router_iface: vlan100
|
|
|
|
dmz:
|
|
description: DMZ
|
|
vlan_id: 254
|
|
router_iface: vlan254
|
|
|
|
|
|
firemon_networks:
|
|
- 192.168.0.0/16
|
|
- 172.16.0.0/20
|
|
- 172.24.16.0/20
|
|
- 172.28.33.0/24
|
|
- 10.64.11.0/24
|
|
|
|
promtail_clients:
|
|
- url: https://loki.pyrocufflink.blue/loki/api/v1/push
|
|
tls_config:
|
|
ca_file: /etc/promtail/ca.crt
|
|
promtail_ca: |
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIBxDCCAWqgAwIBAgIUbHz2tssa09zsHk+EdGD3QKprMKQwCgYIKoZIzj0EAwQw
|
|
QDELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD0R1c3RpbiBDLiBIYXRjaDEXMBUGA1UE
|
|
AwwORENIIFJvb3QgQ0EgUjIwHhcNMjMwOTI0MjA1MzA5WhcNNDMwOTE5MjA1MzA5
|
|
WjBAMQswCQYDVQQGEwJVUzEYMBYGA1UECgwPRHVzdGluIEMuIEhhdGNoMRcwFQYD
|
|
VQQDDA5EQ0ggUm9vdCBDQSBSMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABE2D
|
|
NJHRcjuA19ZoprBKaxIfUxAbz6LigM7dgtO6+isaMlxRAVJmsITADIE/22RrUDgD
|
|
Ofkt2iZTUjMrz3AxXhWjQjBAMB0GA1UdDgQWBBTM+d8kb1koGmKRtJs4gN9zYa+6
|
|
oTASBgNVHRMBAf8ECDAGAQH/AgEBMAsGA1UdDwQEAwIBBjAKBggqhkjOPQQDBANI
|
|
ADBFAiEA2Ka8mMiAFLmrFWt0dAml247re2+i4UPhyHcOBfNK+goCIHv+vEw7CHZQ
|
|
irIa697nfe4KiXIMwHlAMS1+1QZohFDC
|
|
-----END CERTIFICATE-----
|
|
|
|
dnf_automatic_email_from: dnf@pyrocufflink.net
|
|
dnf_automatic_email_to: gyrfalcon@ebonfire.com
|
|
dnf_automatic_email_host: mail.pyrocufflink.blue
|
|
|
|
dnf_automatic_schedule: >-
|
|
{{ ['Mon', 'Tue', 'Wed', 'Thu']
|
|
| random(seed=inventory_hostname)
|
|
| string
|
|
}} *-*-* 04:00:00 America/Chicago
|