From e85468f414ede4d7ff76e99162d4aa3c89215b80 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Fri, 26 May 2023 09:00:33 -0500
Subject: [PATCH] Moving cluster onto shadowfax proxmox.

---
 config-parts/firewall.sh                      |  3 +++
 config-parts/protocols.sh                     | 18 +++++++++---------
 config-parts/service-dhcp_server.sh           | 13 +++++++------
 containers/bind/config/zones/db.jahanson.tech |  3 +++
 containers/haproxy/config/haproxy.cfg         | 12 ++++++------
 5 files changed, 28 insertions(+), 21 deletions(-)

diff --git a/config-parts/firewall.sh b/config-parts/firewall.sh
index 0c17008..f9b68a3 100644
--- a/config-parts/firewall.sh
+++ b/config-parts/firewall.sh
@@ -54,6 +54,9 @@ set firewall group address-group k8s_mqtt address '10.45.0.10'
 set firewall group address-group k8s_nodes address '10.1.1.31'
 set firewall group address-group k8s_nodes address '10.1.1.32'
 set firewall group address-group k8s_nodes address '10.1.1.33'
+set firewall group address-group k8s_nodes address '10.1.1.41'
+set firewall group address-group k8s_nodes address '10.1.1.42'
+set firewall group address-group k8s_nodes address '10.1.1.43'
 
 set firewall group address-group k8s_hass address '10.45.0.5'
 set firewall group address-group k8s_plex address '10.45.0.20'
diff --git a/config-parts/protocols.sh b/config-parts/protocols.sh
index 57b76f8..5e96d57 100644
--- a/config-parts/protocols.sh
+++ b/config-parts/protocols.sh
@@ -1,14 +1,14 @@
 #!/bin/vbash
 
 # BGP configuration
-set protocols bgp neighbor 10.1.1.31 address-family ipv4-unicast
-set protocols bgp neighbor 10.1.1.31 description 'gandalf'
-set protocols bgp neighbor 10.1.1.31 remote-as '64512'
-set protocols bgp neighbor 10.1.1.32 address-family ipv4-unicast
-set protocols bgp neighbor 10.1.1.32 description 'glamdring'
-set protocols bgp neighbor 10.1.1.32 remote-as '64512'
-set protocols bgp neighbor 10.1.1.33 address-family ipv4-unicast
-set protocols bgp neighbor 10.1.1.33 description 'shadowfax'
-set protocols bgp neighbor 10.1.1.33 remote-as '64512'
+set protocols bgp neighbor 10.1.1.41 address-family ipv4-unicast
+set protocols bgp neighbor 10.1.1.41 description 'nenya'
+set protocols bgp neighbor 10.1.1.41 remote-as '64512'
+set protocols bgp neighbor 10.1.1.42 address-family ipv4-unicast
+set protocols bgp neighbor 10.1.1.42 description 'vilya'
+set protocols bgp neighbor 10.1.1.42 remote-as '64512'
+set protocols bgp neighbor 10.1.1.43 address-family ipv4-unicast
+set protocols bgp neighbor 10.1.1.43 description 'narya'
+set protocols bgp neighbor 10.1.1.43 remote-as '64512'
 set protocols bgp parameters router-id '10.1.0.1'
 set protocols bgp system-as '64512'
diff --git a/config-parts/service-dhcp_server.sh b/config-parts/service-dhcp_server.sh
index b668db7..cd5f94c 100644
--- a/config-parts/service-dhcp_server.sh
+++ b/config-parts/service-dhcp_server.sh
@@ -135,12 +135,13 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 range 0 s
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 range 0 stop '10.1.1.254'
 
 # Need to add all of the macs for the servers.
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf ip-address '10.1.1.31'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf mac-address '80:61:5f:04:88:5a'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring ip-address '10.1.1.32'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping glamdring mac-address 'd4:5d:64:91:b2:42'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.33'
-set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '04:42:1a:ef:35:74'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nenya ip-address '10.1.1.41'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nenya mac-address '6e:e5:a0:e6:36:28'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping vilya ip-address '10.1.1.42'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping vilya mac-address 'ce:06:3f:d5:32:be'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya ip-address '10.1.1.43'
+set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya mac-address '6a:5b:95:ec:2a:e1'
+
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar ip-address '10.1.1.11'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elessar mac-address '00:11:32:87:f6:1d'
 set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping sting ip-address '10.1.1.12'
diff --git a/containers/bind/config/zones/db.jahanson.tech b/containers/bind/config/zones/db.jahanson.tech
index 95e1053..e1decec 100644
--- a/containers/bind/config/zones/db.jahanson.tech
+++ b/containers/bind/config/zones/db.jahanson.tech
@@ -24,6 +24,9 @@ sting                      IN  A  10.1.1.12
 gandalf                    IN  A  10.1.1.31
 glamdring                  IN  A  10.1.1.32
 shadowfax                  IN  A  10.1.1.33
+nenya                      IN  A  10.1.1.41
+vilya                      IN  A  10.1.1.42
+narya                      IN  A  10.1.1.43
 nextcloud                  IN  A  10.1.1.51
 frodo                      IN  A  10.1.1.52
 
diff --git a/containers/haproxy/config/haproxy.cfg b/containers/haproxy/config/haproxy.cfg
index e496a4b..083bb0d 100644
--- a/containers/haproxy/config/haproxy.cfg
+++ b/containers/haproxy/config/haproxy.cfg
@@ -51,9 +51,9 @@ backend k8s_controlplane
     mode tcp                                              
     option ssl-hello-chk                                  
     balance     roundrobin                                
-        server worker1 10.1.1.31:6443 check   
-        server worker2 10.1.1.32:6443 check 
-        server worker3 10.1.1.33:6443 check    
+        server worker1 10.1.1.41:6443 check   
+        server worker2 10.1.1.42:6443 check 
+        server worker3 10.1.1.43:6443 check    
                                                           
 backend talos_controlplane                                
     option httpchk GET /healthz                           
@@ -61,6 +61,6 @@ backend talos_controlplane
     mode tcp                                              
     option ssl-hello-chk                                  
     balance     roundrobin                                
-        server worker1 10.1.1.31:50000 check  
-        server worker2 10.1.1.32:50000 check
-        server worker3 10.1.1.33:50000 check   
+        server worker1 10.1.1.41:50000 check  
+        server worker2 10.1.1.42:50000 check
+        server worker3 10.1.1.43:50000 check