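---
# Ansible inventory for the environment: shared variables under all.vars,
# then host groups split into managed and unmanaged children.
# NOTE(review): the group nesting was inferred from key order -- confirm that
# geth_hubs belongs under managed and iot under unmanaged.
# MAC addresses are quoted so a YAML 1.1 loader can never read a colon-separated
# value as a number; the string values themselves are unchanged.
all:
  vars:
    # Environment-wide data
    external_domain: aninix.net
    replica_domain: "MSN0.AniNIX.net"
    time_zone: "America/Chicago"
    # Services used by all
    router: 10.0.1.1
    netmask: 24
    dhcprange: '10.0.1.224,10.0.1.254,255.255.255.0,12h'
    staticrange: '10.0.1.1,10.0.1.223,255.255.255.0,12h'
    dns: "10.0.1.2"
    logserver: "10.0.1.16"
    webfront: "10.0.1.3"
    # NOTE(review): the package mirror is fetched over plain HTTP, so package
    # integrity rests on the clients' signature verification (pacman SigLevel).
    # Confirm signatures are required, or serve the mirror over TLS.
    mirroruri: "http://Maat.MSN0.AniNIX.net:9129/repo/archlinux/$repo/os/$arch"
    # Standards
    daemon_shell: /sbin/nologin
    user_shell: /bin/bash
    ansible_become_method: sudo
    ansible_become_user: root
    static: false
    wireless_ssid: 'Shadowfeed'
    ansible_python_interpreter: auto_silent
    ldap:
      server: "10.0.1.3"
      orgdn: "dc=aninix,dc=net"
      # Bind account name only. Keep the bind password out of this inventory
      # (for example in Ansible Vault).
      binduser: 'binduser'
      userou: 'ou=People'
    organization:  # Information about the group
      admin: 'DarkFeather'
      email: 'ircs://irc.aninix.net:6697/DarkFeather'
      displayname: 'AniNIX'
      gpgkey: '904DE6275579CB589D85720C1CC1E3F4ED06F296'
    ssl:  # Standard SSL cryptographic standards
      identity: 'aninix.net-0001'  # The Let's Encrypt identity to use
      # NOTE(review): this looks like an OpenSSL cipher list, which selects
      # cipher suites only. Confirm each consuming service also restricts
      # protocol versions in its own setting. The AES256+EECDH and AES256+EDH
      # terms may admit non-AEAD (CBC) suites; check the expansion with
      # `openssl ciphers -v` on the target host.
      ciphersuite: "!NULL:!SSLv2:!SSLv3:!TLSv1:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
  children:
    managed:
      children:
        physical:  # 10.0.1.0/28
          hosts:
            Nazara:
              ipinterface: eth0
              ip: 10.0.1.2
              mac: 'B8:27:EB:B6:AA:0C'
              static: true
            Core:
              ipinterface: enp1s0f0
              ip: 10.0.1.3
              mac: '00:25:90:0d:6e:86'
              static: true
              sslidentity: aninix.net-0001
              secdetection: true
              iptv_location: "Milwaukee|Madison"
              aether_source: true
            Node0:
              ipinterface: enp1s0f0
              ip: 10.0.1.4
              mac: 'DE:8B:9E:19:55:1D'
              tap: true
            Node1:
              ipinterface: enp1s0f0
              ip: 10.0.1.5
              mac: 'B0:41:6F:0D:47:E1'
              tap: true
            Node2:
              ipinterface: enp1s0f0
              ip: 10.0.1.7
              mac: 'B0:41:6F:0D:41:D1'
              tap: true
            Node3:
              ipinterface: enp1s0f0
              ip: 10.0.1.8
              mac: 'B0:41:6F:0D:51:0E'
              tap: true
        virtual:  # 10.0.1.16/28
          # No group-level variables yet; written as an explicit empty mapping
          # instead of a bare key (which parses as null).
          # NOTE(review): vnc is presumably a VNC display number for the guest
          # console -- confirm those listeners are not reachable from the
          # unmanaged or iot groups.
          vars: {}
          hosts:
            Sharingan:
              ip: 10.0.1.16
              ipinterface: ens3
              mac: '00:15:5D:01:02:10'
              cores: 4
              memory: 4
              vnc: 8
              bridge: br0
              uefi: true
              siem: true
              disks:
                - '-drive format=raw,index=0,media=disk,file=/dev/sdb'
              # On hold because of https://aninix.net/DarkFeather/MSN0/issues/6
              # NOTE(review): held packages presumably stop receiving updates,
              # security fixes included; revisit once the issue is resolved.
              holdpkg: "elasticsearch graylog mongodb44-bin mongodb-tools-bin"
            DarkNet:
              ipinterface: ens3
              ip: 10.0.1.17
              mac: '00:15:5D:01:02:05'
              cores: 2
              memory: 2
              vnc: 9
              disks:
                - '-drive format=raw,index=0,media=disk,file=/dev/sdd'
            Maat:
              ip: 10.0.1.18
              ipinterface: ens3
              mac: '00:15:5d:01:02:07'
              cores: 2
              memory: 2
              bridge: br0
              vnc: 7
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/Maat.qcow2'
        geth_hubs:  # 10.0.1.32/28
          vars:
            # Canonical boolean; "yes" loads as the same value under YAML 1.1.
            motion_enabled: true
          hosts:
            Geth-Hub-1:
              ip: 10.0.1.32
              mac: '84:16:F9:14:15:C5'
              rotate: 0
              remote: NS-RC4NA-14
            Geth-Hub-2:
              ip: 10.0.1.33
              mac: '84:16:F9:13:B6:E6'
              motion_enabled: false  # host-level override of the group default
              rotate: 180
              remote: NS-RC4NA-14
            Geth-Hub-3:
              ip: 10.0.1.34
              mac: 'b8:27:eb:60:73:68'
              rotate: 90
              remote: LG-AKB73715608
    unmanaged:
      children:
        # Both OVA groups are in the same subnet -- test_ovas aren't monitored
        # NOTE(review): unmonitored test guests therefore share a /28 with
        # monitored ones; confirm that is acceptable for the detection
        # coverage expected here.
        ovas:  # 10.0.1.48/28
          hosts:
            Geth:
              ip: 10.0.1.49
              mac: 'DE:8B:9E:19:55:1E'
              cores: 2
              memory: 2
              vnc: 6
              bridge: br0
              uefi: true
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/hassos_ova-5.13.qcow2'
        test_ovas:  # 10.0.1.48/28
          hosts:
            TDS-Jump:
              ip: 10.0.1.48
              mac: '00:15:5d:01:02:08'
              cores: 2
              memory: 2
              vnc: 4
              bridge: br0
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/TDSJump.qcow2'
            DedNet:
              ip: 10.0.1.50
              mac: '00:15:5d:01:02:09'
              cores: 2
              memory: 2
              vnc: 3
              bridge: br0
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/DedNet.qcow2'
                - '-cdrom /srv/maat/iso/kali-linux.iso -boot order=d'
            Aether:
              ip: 10.0.1.51
              mac: '00:15:5d:01:02:11'
              cores: 2
              memory: 2
              vnc: 5
              bridge: br0
              disks:
                - '-drive if=none,id=disk0,cache=none,format=raw,aio=native,file=/dev/sdc'
                - '-cdrom /srv/maat/iso/archlinux.iso -boot order=d'
            test1:
              ip: 10.0.1.52
              ipinterface: ens3
              mac: '00:15:5d:01:02:06'
              cores: 2
              memory: 2
              bridge: br0
              vnc: 10
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test1.qcow2'
            test2:
              ip: 10.0.1.53
              ipinterface: ens3
              mac: '00:15:5d:01:02:03'
              cores: 2
              memory: 2
              bridge: br0
              vnc: 11
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test2.qcow2'
            test3:
              ip: 10.0.1.54
              ipinterface: ens3
              mac: '00:15:5d:01:02:04'
              cores: 2
              memory: 2
              bridge: br0
              vnc: 12
              disks:
                - '-drive format=qcow2,l2-cache-size=8M,file=/srv/maat/vm/test3.qcow2'
        # appliances are monitored -- adhoc_appliances are convenience only
        # and not monitored.
        appliances:
          hosts:  # 10.0.1.64/27
            Shadowfeed:  # Router must be at root
              ip: 10.0.1.1
              mac: '2c:30:33:64:f4:03'
            # Print is excepted for legacy setup reasons before we laid out
            # subnets.
            Print:
              ip: 10.0.1.6
              mac: '00:80:92:77:CE:E4'
            Geth-Eyes:
              ip: 10.0.1.68
              mac: '9C:A3:AA:33:A3:99'
            "Core-Console":
              ip: 10.0.1.74
              mac: '00:25:90:0D:82:5B'
            "Node0-Console":
              ip: 10.0.1.75
              mac: '00:25:90:3E:C6:8C'
        adhoc_appliances:
          hosts:  # 10.0.1.64/27
            DarkFeather:
              ip: 10.0.1.64
              mac: 'D0:40:EF:D4:14:CF'
            Lykos:
              ip: 10.0.1.65
              mac: '70:74:14:4F:8E:42'
            Games:
              ip: 10.0.1.66
              mac: 'E0:BE:03:77:0E:88'
            LivingRoomTV:
              ip: 10.0.1.69
              mac: '80:D2:1D:17:63:0E'
            BedRoomTV:
              ip: 10.0.1.70
              mac: '80:D2:1D:17:63:0F'
            TrainingRoomTV:
              ip: 10.0.1.71
              mac: '80:D2:1D:17:63:10'
            Tachikoma:
              ip: 10.0.1.72
              mac: '90:0f:0c:1a:d3:23'
            Dedsec:
              ip: 10.0.1.73
              mac: '34:F6:4B:36:12:8F'
        # dhcp build space: 10.0.1.224/27
        iot:  # 10.0.2.0/24
          hosts:
            LinKeuei:
              ip: 10.0.2.2
              mac: '64:16:66:08:57:F5'
            Canary:
              ip: 10.0.2.3
              mac: '18:B4:30:2F:F1:37'
            Charon:
              ip: 10.0.2.4
              mac: '64:52:99:14:28:2B'
            Skitarii-1:
              ip: 10.0.2.5
              mac: '40:9F:38:95:06:34'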