jahanson/vyos-config
Archived
1
0
Fork 0
Code Issues 1 Pull requests 1 Projects Releases Packages Wiki Activity

Added worker node for gpu pods 'nahar'.

Browse source
This commit is contained in:
Joseph Hanson 2023-05-30 07:49:47 -05:00
parent 19d509dc35
commit 8927dc77f1
Signed by: jahanson
SSH key fingerprint: SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
5 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
config-parts/firewall-name.sh
View file

@ -105,6 +105,10 @@ set firewall name iot-local rule 7 description 'Rule: accept_discovery_from_sono
set firewall name iot-local rule 7 destination port '1900,1901,1902,57621'
set firewall name iot-local rule 7 protocol 'udp'
set firewall name iot-local rule 7 source group address-group 'sonos_controllers'
set firewall name iot-local rule 8 action 'accept'
set firewall name iot-local rule 8 description 'Rule: accept_dns'
set firewall name iot-local rule 8 destination port 'domain,domain-s'
set firewall name iot-local rule 8 protocol 'tcp_udp'
# From IOT to SERVERS
set firewall name iot-servers default-action 'drop'
@ -431,13 +435,9 @@ set firewall name servers-local rule 8 destination port '3784'
set firewall name servers-local rule 8 protocol 'udp'
set firewall name servers-local rule 8 source group address-group 'k8s_nodes'
set firewall name servers-local rule 9 action 'accept'
set firewall name servers-local rule 9 description 'Rule: accept_dns_udp'
set firewall name servers-local rule 9 destination port '53'
set firewall name servers-local rule 9 protocol 'udp'
set firewall name servers-local rule 10 action 'accept'
set firewall name servers-local rule 10 description 'Rule: accept_dns_tcp'
set firewall name servers-local rule 10 destination port '53'
set firewall name servers-local rule 10 protocol 'tcp'
set firewall name servers-local rule 9 description 'Rule: accept_dns'
set firewall name servers-local rule 9 destination port 'domain,domain-s'
set firewall name servers-local rule 9 protocol 'tcp_udp'
# From SERVERS to CONTAINERS
set firewall name servers-containers default-action 'accept'
@ -599,13 +599,9 @@ set firewall name trusted-local rule 10 destination port '1900,1901,1902,57621'
set firewall name trusted-local rule 10 protocol 'udp'
set firewall name trusted-local rule 10 source group address-group 'sonos_controllers'
set firewall name trusted-local rule 11 action 'accept'
set firewall name trusted-local rule 11 description 'Rule: accept_dns_udp'
set firewall name trusted-local rule 11 destination port '53'
set firewall name trusted-local rule 11 protocol 'udp'
set firewall name trusted-local rule 12 action 'accept'
set firewall name trusted-local rule 12 description 'Rule: accept_dns_tcp'
set firewall name trusted-local rule 12 destination port '53'
set firewall name trusted-local rule 12 protocol 'tcp'
set firewall name trusted-local rule 11 description 'Rule: accept_dns'
set firewall name trusted-local rule 11 destination port 'domain,domain-s'
set firewall name trusted-local rule 11 protocol 'tcp_udp'
# From TRUSTED to SERVERS
set firewall name trusted-servers default-action 'accept'

1
config-parts/firewall.sh
View file

@ -57,6 +57,7 @@ set firewall group address-group k8s_nodes address '10.1.1.33'
set firewall group address-group k8s_nodes address '10.1.1.41'
set firewall group address-group k8s_nodes address '10.1.1.42'
set firewall group address-group k8s_nodes address '10.1.1.43'
set firewall group address-group k8s_nodes address '10.1.1.44'
set firewall group address-group k8s_hass address '10.45.0.5'
set firewall group address-group k8s_plex address '10.45.0.20'

3
config-parts/protocols.sh
View file

@ -10,5 +10,8 @@ set protocols bgp neighbor 10.1.1.42 remote-as '64512'
set protocols bgp neighbor 10.1.1.43 address-family ipv4-unicast
set protocols bgp neighbor 10.1.1.43 description 'narya'
set protocols bgp neighbor 10.1.1.43 remote-as '64512'
set protocols bgp neighbor 10.1.1.44 address-family ipv4-unicast
set protocols bgp neighbor 10.1.1.44 description 'nahar'
set protocols bgp neighbor 10.1.1.44 remote-as '64512'
set protocols bgp parameters router-id '10.1.0.1'
set protocols bgp system-as '64512'

2
config-parts/service-dhcp_server.sh
View file

@ -141,6 +141,8 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping vilya mac-address 'ce:06:3f:d5:32:be'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya ip-address '10.1.1.43'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya mac-address '6a:5b:95:ec:2a:e1'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya ip-address '10.1.1.44'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya mac-address 'f2:09:a3:b9:c8:f8'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar ip-address '10.1.1.11'
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar mac-address '00:11:32:87:f6:1d'

3
containers/bind/config/zones/db.jahanson.tech
View file

@ -5,7 +5,7 @@
$TTL 3600
$ORIGIN jahanson.tech.
@ 3600 IN SOA gateway.jahanson.tech. gateway.jahanson.tech. (
1683832851 ; serial number (epoch timestamp)
1685450905 ; serial number (epoch timestamp)
7200 ; refresh period
3600 ; retry period
1209600 ; expire time
@ -27,6 +27,7 @@ shadowfax IN A 10.1.1.33
nenya IN A 10.1.1.41
vilya IN A 10.1.1.42
narya IN A 10.1.1.43
nahar IN A 10.1.1.44
nextcloud IN A 10.1.1.51
frodo IN A 10.1.1.52