bringing vyos-config up to date.
This commit is contained in:
parent
31c27facb1
commit
d0e61a8c90
5 changed files with 20 additions and 11 deletions
|
@ -83,6 +83,7 @@ else
|
||||||
run delete container image "${image_id}"
|
run delete container image "${image_id}"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
sudo find "/config" -name "overlay*" -type d -prune -exec rm -rf "{}" \;
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exit
|
exit
|
||||||
|
|
|
@ -414,10 +414,15 @@ set firewall name servers-local rule 5 description 'Rule: accept_tftp'
|
||||||
set firewall name servers-local rule 5 destination port '69'
|
set firewall name servers-local rule 5 destination port '69'
|
||||||
set firewall name servers-local rule 5 protocol 'udp'
|
set firewall name servers-local rule 5 protocol 'udp'
|
||||||
set firewall name servers-local rule 6 action 'accept'
|
set firewall name servers-local rule 6 action 'accept'
|
||||||
set firewall name servers-local rule 6 description 'Rule: accept_prometheus_from_k8s_nodes'
|
set firewall name servers-local rule 6 description 'Rule: accept_node_exporter_from_k8s_nodes'
|
||||||
set firewall name servers-local rule 6 destination port '9153'
|
set firewall name servers-local rule 6 destination port '9100'
|
||||||
set firewall name servers-local rule 6 protocol 'tcp'
|
set firewall name servers-local rule 6 protocol 'tcp'
|
||||||
set firewall name servers-local rule 6 source group address-group 'k8s_nodes'
|
set firewall name servers-local rule 6 source group address-group 'k8s_nodes'
|
||||||
|
set firewall name servers-local rule 7 action 'accept'
|
||||||
|
set firewall name servers-local rule 7 description 'Rule: accept_speedtest_exporter_from_k8s_nodes'
|
||||||
|
set firewall name servers-local rule 7 destination port '9798'
|
||||||
|
set firewall name servers-local rule 7 protocol 'tcp'
|
||||||
|
set firewall name servers-local rule 7 source group address-group 'k8s_nodes'
|
||||||
|
|
||||||
# From SERVERS to SERVICES
|
# From SERVERS to SERVICES
|
||||||
set firewall name servers-services default-action 'accept'
|
set firewall name servers-services default-action 'accept'
|
||||||
|
|
|
@ -143,7 +143,7 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring ip-address '10.1.1.32'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring ip-address '10.1.1.32'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring mac-address 'd4:5d:64:91:b2:42'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring mac-address 'd4:5d:64:91:b2:42'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.33'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.33'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '00:e0:4c:68:02:b1'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '04:42:1a:ef:35:73'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas ip-address '10.1.1.34'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas ip-address '10.1.1.34'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas mac-address 'c8:1f:66:10:51:d9'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping lembas mac-address 'c8:1f:66:10:51:d9'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar ip-address '10.1.1.11'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar ip-address '10.1.1.11'
|
||||||
|
@ -155,8 +155,8 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks ip-address '10.1.1.14'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks ip-address '10.1.1.14'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks mac-address 'ea:87:86:9c:73:43'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping jellydocks mac-address 'ea:87:86:9c:73:43'
|
||||||
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping horus ip-address '10.1.1.51'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nextcloud ip-address '10.1.1.51'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping horus mac-address 'b8:27:eb:b2:09:b0'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nextcloud mac-address 'c8:1f:66:10:4d:b9'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo ip-address '10.1.1.52'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo ip-address '10.1.1.52'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo mac-address 'dc:a6:32:09:76:4c'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo mac-address 'dc:a6:32:09:76:4c'
|
||||||
|
|
||||||
|
@ -175,7 +175,7 @@ set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-ma
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone ip-address '10.1.2.31'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone ip-address '10.1.2.31'
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone mac-address 'c2:d2:9a:62:ef:03'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping jahanson-iphone mac-address 'c2:d2:9a:62:ef:03'
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary ip-address '10.1.2.21'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary ip-address '10.1.2.21'
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary mac-address 'f8:4d:89:7a:db:8b'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping legiondary mac-address '54:05:db:b1:95:ff'
|
||||||
|
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad ip-address '10.1.2.35'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad ip-address '10.1.2.35'
|
||||||
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad mac-address 'aa:ab:96:ce:f8:03'
|
set service dhcp-server shared-network-name TRUSTED subnet 10.1.2.0/24 static-mapping eva-ipad mac-address 'aa:ab:96:ce:f8:03'
|
||||||
|
|
|
@ -9,13 +9,16 @@ set system static-host-mapping host-name unifi inet 10.5.0.10
|
||||||
# NAS
|
# NAS
|
||||||
set system static-host-mapping host-name elessar.jahanson.tech inet 10.1.1.11
|
set system static-host-mapping host-name elessar.jahanson.tech inet 10.1.1.11
|
||||||
set system static-host-mapping host-name elessar.jahanson.tech alias nas.jahanson.tech
|
set system static-host-mapping host-name elessar.jahanson.tech alias nas.jahanson.tech
|
||||||
set system static-host-mapping host-name elessar.jahanson.tech alias garage.hsn.dev
|
set system static-host-mapping host-name elessar.jahanson.tech alias minio.hsn.dev
|
||||||
set system static-host-mapping host-name elessar.jahanson.tech alias s3.hsn.dev
|
set system static-host-mapping host-name elessar.jahanson.tech alias s3.hsn.dev
|
||||||
|
|
||||||
|
# Home Assistant
|
||||||
|
set system static-host-mapping host-name homeassistant.jahanson.tech inet 10.1.1.13
|
||||||
|
|
||||||
# Kubernetes hosts
|
# Kubernetes hosts
|
||||||
set system static-host-mapping host-name gandalf.jahanson.tech inet 10.1.1.31
|
set system static-host-mapping host-name gandalf.jahanson.tech inet 10.1.1.31
|
||||||
set system static-host-mapping host-name glamdring.jahanson.tech inet 10.1.1.32
|
set system static-host-mapping host-name glamdring.jahanson.tech inet 10.1.1.32
|
||||||
# set system static-host-mapping host-name shadowfax.jahanson.tech inet 10.1.1.33
|
set system static-host-mapping host-name shadowfax.jahanson.tech inet 10.1.1.33
|
||||||
set system static-host-mapping host-name lembas.jahanson.tech inet 10.1.1.34
|
set system static-host-mapping host-name lembas.jahanson.tech inet 10.1.1.34
|
||||||
|
|
||||||
# Kubernetes cluster VIP
|
# Kubernetes cluster VIP
|
||||||
|
@ -25,7 +28,7 @@ set system static-host-mapping host-name cluster-0.jahanson.tech inet 10.5.0.2
|
||||||
set system static-host-mapping host-name sting.jahanson.tech inet 10.1.1.12
|
set system static-host-mapping host-name sting.jahanson.tech inet 10.1.1.12
|
||||||
set system static-host-mapping host-name frodo.jahanson.tech inet 10.1.1.52
|
set system static-host-mapping host-name frodo.jahanson.tech inet 10.1.1.52
|
||||||
set system static-host-mapping host-name frodo.jahanson.tech alias pikvm.jahanson.tech
|
set system static-host-mapping host-name frodo.jahanson.tech alias pikvm.jahanson.tech
|
||||||
set system static-host-mapping host-name horus.jahanson.tech inet 10.1.1.51
|
set system static-host-mapping host-name nextcloud.jahanson.tech inet 10.1.1.51
|
||||||
|
|
||||||
set system static-host-mapping host-name driveway-camera-doorbell.jahanson.tech inet 10.1.4.12
|
set system static-host-mapping host-name driveway-camera-doorbell.jahanson.tech inet 10.1.4.12
|
||||||
set system static-host-mapping host-name hallway-zigbee-adapter.jahanson.tech inet 10.1.3.46
|
set system static-host-mapping host-name hallway-zigbee-adapter.jahanson.tech inet 10.1.3.46
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
# services not available through the VyOS CLI system can be placed here.
|
# services not available through the VyOS CLI system can be placed here.
|
||||||
|
|
||||||
# Add dotfiles for home directory
|
# Add dotfiles for home directory
|
||||||
tee /home/vyos/.gitconfig <<END
|
tee /home/vyos/.gitconfig <<END >/dev/null
|
||||||
[init]
|
[init]
|
||||||
defaultBranch = main
|
defaultBranch = main
|
||||||
[safe]
|
[safe]
|
||||||
|
@ -14,7 +14,7 @@ tee /home/vyos/.gitconfig <<END
|
||||||
name = Joseph Hanson
|
name = Joseph Hanson
|
||||||
END
|
END
|
||||||
#
|
#
|
||||||
tee -a /home/vyos/.bash_aliases <<END
|
tee -a /home/vyos/.bash_aliases <<END >/dev/null
|
||||||
export SOPS_AGE_KEY_FILE=/config/secrets/age.key
|
export SOPS_AGE_KEY_FILE=/config/secrets/age.key
|
||||||
export GIT_SSH_COMMAND="ssh -i /config/secrets/id_ed25519"
|
export GIT_SSH_COMMAND="ssh -i /config/secrets/id_ed25519"
|
||||||
export VISUAL=nano
|
export VISUAL=nano
|
||||||
|
|
Reference in a new issue