bringing vyos-config up to date.

2023-05-02 08:36:56 -05:00 · 2023-05-02 08:36:56 -05:00 · d0e61a8c90
commit d0e61a8c90
parent 31c27facb1
5 changed files with 20 additions and 11 deletions
--- a/apply-config.sh
+++ b/apply-config.sh
@ -83,6 +83,7 @@ else
      run delete container image "${image_id}"
    fi
  done
  sudo find "/config" -name "overlay*" -type d -prune -exec rm -rf "{}" \;
 fi
 exit
--- a/config-parts/firewall-name.sh
+++ b/config-parts/firewall-name.sh
@ -414,10 +414,15 @@ set firewall name servers-local rule 5 description 'Rule: accept_tftp'
 set firewall name servers-local rule 5 destination port '69'
 set firewall name servers-local rule 5 protocol 'udp'
 set firewall name servers-local rule 6 action 'accept'
-set firewall name servers-local rule 6 description 'Rule: accept_prometheus_from_k8s_nodes'
+set firewall name servers-local rule 6 description 'Rule: accept_node_exporter_from_k8s_nodes'
-set firewall name servers-local rule 6 destination port '9153'
+set firewall name servers-local rule 6 destination port '9100'
 set firewall name servers-local rule 6 protocol 'tcp'
 set firewall name servers-local rule 6 source group address-group 'k8s_nodes'
 set firewall name servers-local rule 7 action 'accept'
 set firewall name servers-local rule 7 description 'Rule: accept_speedtest_exporter_from_k8s_nodes'
 set firewall name servers-local rule 7 destination port '9798'
 set firewall name servers-local rule 7 protocol 'tcp'
 set firewall name servers-local rule 7 source group address-group 'k8s_nodes'
 # From SERVERS to SERVICES
 set firewall name servers-services default-action 'accept'
--- a/config-parts/service-dhcp_server.sh
+++ b/config-parts/service-dhcp_server.sh
@ -143,7 +143,7 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring ip-address '10.1.1.32'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring mac-address 'd4:5d:64:91:b2:42'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.33'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '00:e0:4c:68:02:b1'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '04:42:1a:ef:35:73'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas ip-address '10.1.1.34'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas mac-address 'c8:1f:66:10:51:d9'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar ip-address '10.1.1.11'
@ -155,8 +155,8 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks ip-address '10.1.1.14'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks mac-address 'ea:87:86:9c:73:43'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping horus ip-address '10.1.1.51'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nextcloud ip-address '10.1.1.51'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping horus mac-address 'b8:27:eb:b2:09:b0'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nextcloud mac-address 'c8:1f:66:10:4d:b9'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo ip-address '10.1.1.52'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo mac-address 'dc:a6:32:09:76:4c'
@ -175,7 +175,7 @@ set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-ma
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone ip-address '10.1.2.31'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone mac-address 'c2:d2:9a:62:ef:03'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary ip-address '10.1.2.21'
-set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary mac-address 'f8:4d:89:7a:db:8b'
+set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary mac-address '54:05:db:b1:95:ff'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad ip-address '10.1.2.35'
 set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad mac-address 'aa:ab:96:ce:f8:03'
--- a/config-parts/system-static_host_mapping.sh
+++ b/config-parts/system-static_host_mapping.sh
@ -9,13 +9,16 @@ set system static-host-mapping host-name unifi inet 10.5.0.10
 # NAS
 set system static-host-mapping host-name elessar.jahanson.tech inet 10.1.1.11
 set system static-host-mapping host-name elessar.jahanson.tech alias nas.jahanson.tech
-set system static-host-mapping host-name elessar.jahanson.tech alias garage.hsn.dev
+set system static-host-mapping host-name elessar.jahanson.tech alias minio.hsn.dev
 set system static-host-mapping host-name elessar.jahanson.tech alias s3.hsn.dev
 # Home Assistant
 set system static-host-mapping host-name homeassistant.jahanson.tech inet 10.1.1.13
 # Kubernetes hosts
 set system static-host-mapping host-name gandalf.jahanson.tech inet 10.1.1.31
 set system static-host-mapping host-name glamdring.jahanson.tech inet 10.1.1.32
-# set system static-host-mapping host-name shadowfax.jahanson.tech inet 10.1.1.33
+set system static-host-mapping host-name shadowfax.jahanson.tech inet 10.1.1.33
 set system static-host-mapping host-name lembas.jahanson.tech inet 10.1.1.34
 # Kubernetes cluster VIP
@ -25,7 +28,7 @@ set system static-host-mapping host-name cluster-0.jahanson.tech inet 10.5.0.2
 set system static-host-mapping host-name sting.jahanson.tech inet 10.1.1.12
 set system static-host-mapping host-name frodo.jahanson.tech inet 10.1.1.52
 set system static-host-mapping host-name frodo.jahanson.tech alias pikvm.jahanson.tech
-set system static-host-mapping host-name horus.jahanson.tech inet 10.1.1.51
+set system static-host-mapping host-name nextcloud.jahanson.tech inet 10.1.1.51
 set system static-host-mapping host-name driveway-camera-doorbell.jahanson.tech inet 10.1.4.12
 set system static-host-mapping host-name hallway-zigbee-adapter.jahanson.tech inet 10.1.3.46
--- a/scripts/vyos-postconfig-bootup.script
+++ b/scripts/vyos-postconfig-bootup.script
@ -4,7 +4,7 @@
 # services not available through the VyOS CLI system can be placed here.
 # Add dotfiles for home directory
-tee /home/vyos/.gitconfig <<END
+tee /home/vyos/.gitconfig <<END >/dev/null
 [init]
  defaultBranch = main
 [safe]
@ -14,7 +14,7 @@ tee /home/vyos/.gitconfig <<END
  name = Joseph Hanson
 END
 #
-tee -a /home/vyos/.bash_aliases <<END
+tee -a /home/vyos/.bash_aliases <<END >/dev/null
 export SOPS_AGE_KEY_FILE=/config/secrets/age.key
 export GIT_SSH_COMMAND="ssh -i /config/secrets/id_ed25519"
 export VISUAL=nano