#+BEGIN_SRC conf :tangle playbooks/check-inst-vars.yml
- hosts: localhost
gather_facts: no
- tasks:
- - include_vars: ../public/vars.yml
- - include_vars: ../private/vars.yml
- - copy:
- content: |
- $domain_name = "{{ domain_name }}";
- $domain_priv = "{{ domain_priv }}";
+ roles: [ check-inst-vars ]
+#+END_SRC
+
+** The check-inst-vars Role
+
+This role is executed by =playbooks/check-inst-vars.yml= and is not
+just a playbook because it needs a copy of the role defaults.
+
+#+CAPTION: [[file:roles_t/check-inst-vars/defaults/main.yml][=roles_t/check-inst-vars/defaults/main.yml=]]
+#+BEGIN_SRC conf :tangle roles_t/check-inst-vars/defaults/main.yml :noweb no-export :mkdirp yes
+---
+<<network-vars>>
+<<address-vars>>
+#+END_SRC
- $front_addr = "{{ front_addr }}";
- $front_wg_pubkey = "{{ front_wg_pubkey }}";
+#+CAPTION: [[file:roles_t/check-inst-vars/tasks/main.yml][=roles_t/check-inst-vars/tasks/main.yml=]]
+#+BEGIN_SRC conf :tangle roles_t/check-inst-vars/tasks/main.yml :mkdirp yes
+---
+- include_vars: ../public/vars.yml
+- include_vars: ../private/vars.yml
+- copy:
+ content: |
+ $domain_name = "{{ domain_name }}";
+ $domain_priv = "{{ domain_priv }}";
- $public_wg_net_cidr = "{{ public_wg_net_cidr }}";
- $public_wg_port = "{{ public_wg_port }}";
+ $front_addr = "{{ front_addr }}";
+ $front_wg_pubkey = "{{ front_wg_pubkey }}";
- $private_net_cidr = "{{ private_net_cidr }}";
- $wild_net_cidr = "{{ wild_net_cidr }}";
+ $public_wg_net_cidr = "{{ public_wg_net_cidr }}";
+ $public_wg_port = "{{ public_wg_port }}";
- $gate_wild_addr = "{{ gate_wild_addr }}";
- $gate_wg_pubkey = "{{ gate_wg_pubkey }}";
+ $private_net_cidr = "{{ private_net_cidr }}";
+ $wild_net_cidr = "{{ wild_net_cidr }}";
- $campus_wg_net_cidr = "{{ campus_wg_net_cidr }}";
- $campus_wg_port = "{{ campus_wg_port }}";
+ $gate_wild_addr = "{{ gate_wild_addr }}";
+ $gate_wg_pubkey = "{{ gate_wg_pubkey }}";
- $core_addr = "{{ core_addr }}";
- $core_wg_pubkey = "{{ core_wg_pubkey }}";
- dest: ../private/vars.pl
- mode: u=rw,g=,o=
+ $campus_wg_net_cidr = "{{ campus_wg_net_cidr }}";
+ $campus_wg_port = "{{ campus_wg_port }}";
+
+ $core_addr = "{{ core_addr }}";
+ $core_wg_pubkey = "{{ core_wg_pubkey }}";
+ dest: ../private/vars.pl
+ mode: u=rw,g=,o=
#+END_SRC
Most of these settings are already in =private/vars.yml=. The
- thing 3 LdsCsgfjKCfd5+VKS+Q/dQhWO8NRNygByDO2VxbXlSQ=
#+END_SRC
-The test campus starts with the empty membership roll found in
-[[file:private/members-empty.yml][=private/members-empty.yml=]] and saved in =private/members.yml=
-(which is /not/ tangled from this document, thus /not/ over-written
-during testing). If =members.yml= is not found, =members-empty.yml=
-is used instead.
+The =members.yml= file will be modified during testing, and should not
+be overwritten by a re-tangle during testing, so it not tangled from
+this file. Thus in the fresh built (e.g. test) system
+=private/members.yml= does not exist, not until a ~./inst new~ command
+creates the first member. Until then, Ansible includes the
+=private/members-empty.yml= file. It does that using the
+~first_found~ lookup plugin and a list of the two files with
+=members.yml= first and =members-empty.yml= last. That list is the
+value of ~membership_rolls~.
+
+#+CAPTION: ~membership-rolls~
+#+BEGIN_SRC conf
+membership_rolls:
+- "../private/members.yml"
+- "../private/members-empty.yml"
+#+END_SRC
#+CAPTION: [[file:private/members-empty.yml][=private/members-empty.yml=]]
#+BEGIN_SRC conf :tangle private/members-empty.yml :tangle-mode u=rw,g=,o=
clients: []
#+END_SRC
-Both locations go on the ~membership_rolls~ variable used by the
-~include_vars~ tasks.
-
-#+CAPTION: ~membership-rolls~
-#+BEGIN_SRC conf
-membership_rolls:
-- "../private/members.yml"
-- "../private/members-empty.yml"
-#+END_SRC
-
Using the standard Perl library ~YAML::XS~, the subroutine for
reading the membership roll is simple, returning the top-level hash
read from the file. The dump subroutine is another story (below).
- hosts: localhost
gather_facts: no
- tasks:
- - include_vars: ../public/vars.yml
- - include_vars: ../private/vars.yml
- - copy:
- content: |
- $domain_name = "{{ domain_name }}";
- $domain_priv = "{{ domain_priv }}";
-
- $front_addr = "{{ front_addr }}";
- $front_wg_pubkey = "{{ front_wg_pubkey }}";
-
- $public_wg_net_cidr = "{{ public_wg_net_cidr }}";
- $public_wg_port = "{{ public_wg_port }}";
-
- $private_net_cidr = "{{ private_net_cidr }}";
- $wild_net_cidr = "{{ wild_net_cidr }}";
-
- $gate_wild_addr = "{{ gate_wild_addr }}";
- $gate_wg_pubkey = "{{ gate_wg_pubkey }}";
-
- $campus_wg_net_cidr = "{{ campus_wg_net_cidr }}";
- $campus_wg_port = "{{ campus_wg_port }}";
-
- $core_addr = "{{ core_addr }}";
- $core_wg_pubkey = "{{ core_wg_pubkey }}";
- dest: ../private/vars.pl
- mode: u=rw,g=,o=
+ roles: [ check-inst-vars ]
--- /dev/null
+---
+private_net:
+ "{{ private_net_cidr | ansible.utils.ipaddr('network') }}"
+private_net_mask:
+ "{{ private_net_cidr | ansible.utils.ipaddr('netmask') }}"
+private_net_and_mask: "{{ private_net }} {{ private_net_mask }}"
+wild_net: "{{ wild_net_cidr | ansible.utils.ipaddr('network') }}"
+wild_net_mask:
+ "{{ wild_net_cidr | ansible.utils.ipaddr('netmask') }}"
+wild_net_and_mask: "{{ wild_net }} {{ wild_net_mask }}"
+wild_net_broadcast:
+ "{{ wild_net_cidr | ansible.utils.ipaddr('broadcast') }}"
+public_wg_net:
+ "{{ public_wg_net_cidr | ansible.utils.ipaddr('network') }}"
+public_wg_net_mask:
+ "{{ public_wg_net_cidr | ansible.utils.ipaddr('netmask') }}"
+public_wg_net_and_mask:
+ "{{ public_wg_net }} {{ public_wg_net_mask }}"
+campus_wg_net:
+ "{{ campus_wg_net_cidr | ansible.utils.ipaddr('network') }}"
+campus_wg_net_mask:
+ "{{ campus_wg_net_cidr | ansible.utils.ipaddr('netmask') }}"
+campus_wg_net_and_mask:
+ "{{ campus_wg_net }} {{ campus_wg_net_mask }}"
+core_addr_cidr: "{{ private_net_cidr | ansible.utils.ipaddr('1') }}"
+gate_addr_cidr: "{{ private_net_cidr | ansible.utils.ipaddr('2') }}"
+gate_wild_addr_cidr:
+ "{{ wild_net_cidr | ansible.utils.ipaddr('1') }}"
+front_wg_addr_cidr:
+ "{{ public_wg_net_cidr | ansible.utils.ipaddr('1') }}"
+core_wg_addr_cidr:
+ "{{ public_wg_net_cidr | ansible.utils.ipaddr('2') }}"
+
+core_addr: "{{ core_addr_cidr | ansible.utils.ipaddr('address') }}"
+gate_addr: "{{ gate_addr_cidr | ansible.utils.ipaddr('address') }}"
+gate_wild_addr:
+ "{{ gate_wild_addr_cidr | ansible.utils.ipaddr('address') }}"
+front_wg_addr:
+ "{{ front_wg_addr_cidr | ansible.utils.ipaddr('address') }}"
+core_wg_addr:
+ "{{ core_wg_addr_cidr | ansible.utils.ipaddr('address') }}"
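Review bot: Every derived value in these defaults passes through `ansible.utils.ipaddr`, which yields `False` rather than an error when its input is not a valid network. A typo in `private_net_cidr`, `wild_net_cidr`, `public_wg_net_cidr` or `campus_wg_net_cidr` would therefore surface as strings such as `False False` in `private_net_and_mask` instead of stopping the run. I would add an `assert` task at the top of the role's tasks with one condition per CIDR, e.g. `that: private_net_cidr | ansible.utils.ipaddr('net')`. The file also carries no comment saying it needs the `ansible.utils` collection (and, I believe, the `netaddr` Python library) on the controller; a line such as `# Requires the ansible.utils collection.` under the `---` would help.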
--- /dev/null
+---
+- include_vars: ../public/vars.yml
+- include_vars: ../private/vars.yml
+- copy:
+ content: |
+ $domain_name = "{{ domain_name }}";
+ $domain_priv = "{{ domain_priv }}";
+
+ $front_addr = "{{ front_addr }}";
+ $front_wg_pubkey = "{{ front_wg_pubkey }}";
+
+ $public_wg_net_cidr = "{{ public_wg_net_cidr }}";
+ $public_wg_port = "{{ public_wg_port }}";
+
+ $private_net_cidr = "{{ private_net_cidr }}";
+ $wild_net_cidr = "{{ wild_net_cidr }}";
+
+ $gate_wild_addr = "{{ gate_wild_addr }}";
+ $gate_wg_pubkey = "{{ gate_wg_pubkey }}";
+
+ $campus_wg_net_cidr = "{{ campus_wg_net_cidr }}";
+ $campus_wg_port = "{{ campus_wg_port }}";
+
+ $core_addr = "{{ core_addr }}";
+ $core_wg_pubkey = "{{ core_wg_pubkey }}";
+ dest: ../private/vars.pl
+ mode: u=rw,g=,o=
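Review bot: The `copy` content places each templated value inside a Perl double-quoted literal, where `$`, `@`, `"` and `\` are significant, so a value containing any of them would be interpolated or would break `../private/vars.pl` when Perl reads it. The values come from `public/vars.yml` and `private/vars.yml` and are presumably operator-controlled, but the role is called a check and validates nothing before writing. An `assert` ahead of the `copy` that restricts each variable to its expected character set (host-name characters for `domain_name`, base64 for the `*_wg_pubkey` values) would keep a stray character out of the generated Perl. Both `include_vars` tasks and the `copy` also lack a `name:`. The same task list appears in the Org source block that tangles to this file, so the change belongs there.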