Compare commits
4 commits
325f750f6a
...
abe93d5c8d
| Author | SHA1 | Date | |
|---|---|---|---|
| abe93d5c8d | |||
75e08e5de8
|
|||
|
da62036332
|
|||
|
0d24da08cf
|
4 changed files with 28 additions and 17 deletions
|
|
@ -85,7 +85,7 @@ set container name unifi environment RUNAS_UID0 value 'false'
|
||||||
set container name unifi environment TZ value 'America/Chicago'
|
set container name unifi environment TZ value 'America/Chicago'
|
||||||
set container name unifi environment PGID value '102'
|
set container name unifi environment PGID value '102'
|
||||||
set container name unifi environment PUID value '999'
|
set container name unifi environment PUID value '999'
|
||||||
set container name unifi image 'ghcr.io/goofball222/unifi:8.0.28'
|
set container name unifi image 'ghcr.io/goofball222/unifi:8.1.113'
|
||||||
set container name unifi memory '0'
|
set container name unifi memory '0'
|
||||||
set container name unifi network containers address '10.5.0.10'
|
set container name unifi network containers address '10.5.0.10'
|
||||||
set container name unifi restart 'on-failure'
|
set container name unifi restart 'on-failure'
|
||||||
|
|
@ -136,3 +136,15 @@ set container name vnstat shared-memory '0'
|
||||||
set container name vnstat volume vnstat-data destination '/var/lib/vnstat'
|
set container name vnstat volume vnstat-data destination '/var/lib/vnstat'
|
||||||
set container name vnstat volume vnstat-data mode 'rw'
|
set container name vnstat volume vnstat-data mode 'rw'
|
||||||
set container name vnstat volume vnstat-data source '/config/containers/vnstat/data'
|
set container name vnstat volume vnstat-data source '/config/containers/vnstat/data'
|
||||||
|
|
||||||
|
# matchbox
|
||||||
|
set container name matchbox arguments '-address=0.0.0.0:80 -log-level=debug'
|
||||||
|
set container name matchbox cap-add 'net-bind-service'
|
||||||
|
set container name matchbox image 'quay.io/poseidon/matchbox:v0.10.0'
|
||||||
|
set container name matchbox memory '0'
|
||||||
|
set container name matchbox network containers address '10.5.0.7'
|
||||||
|
set container name matchbox shared-memory '0'
|
||||||
|
set container name matchbox volume matchbox-data destination '/var/lib/matchbox'
|
||||||
|
set container name matchbox volume matchbox-data mode 'rw'
|
||||||
|
set container name matchbox volume matchbox-data propagation 'private'
|
||||||
|
set container name matchbox volume matchbox-data source '/config/containers/matchbox/data'
|
||||||
|
|
@ -9,7 +9,7 @@ set firewall global-options all-ping 'enable'
|
||||||
set firewall group address-group router-addresses address 10.0.0.1
|
set firewall group address-group router-addresses address 10.0.0.1
|
||||||
set firewall group address-group router-addresses address 127.0.0.1
|
set firewall group address-group router-addresses address 127.0.0.1
|
||||||
set firewall group address-group k8s_nodes address '10.1.1.61-10.1.1.63' # master nodes
|
set firewall group address-group k8s_nodes address '10.1.1.61-10.1.1.63' # master nodes
|
||||||
set firewall group address-group k8s_nodes address '10.1.1.41-10.1.1.46' # worker nodes
|
set firewall group address-group k8s_nodes address '10.1.1.70-10.1.1.254' # worker nodes
|
||||||
set firewall group address-group k8s_api address '10.5.0.2'
|
set firewall group address-group k8s_api address '10.5.0.2'
|
||||||
set firewall group address-group k8s_ingress address '10.45.0.1' # external nginx
|
set firewall group address-group k8s_ingress address '10.45.0.1' # external nginx
|
||||||
set firewall group address-group k8s_ingress address '10.45.0.3' # internal nginx
|
set firewall group address-group k8s_ingress address '10.45.0.3' # internal nginx
|
||||||
|
|
|
||||||
|
|
@ -43,7 +43,8 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-pa
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'allow booting;'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'allow booting;'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'next-server 10.1.1.1;'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'next-server 10.1.1.1;'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'if exists user-class and option user-class = "iPXE" {'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'if exists user-class and option user-class = "iPXE" {'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'filename "metal-amd64";'
|
# set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'filename "metal-amd64";'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'filename "http://10.5.0.7/boot.ipxe";'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters '} else {'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters '} else {'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'filename "undionly.kpxe";'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters 'filename "undionly.kpxe";'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters '}'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 subnet-parameters '}'
|
||||||
|
|
@ -56,21 +57,11 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping sting ip-address '10.1.1.12'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping sting ip-address '10.1.1.12'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping sting mac-address 'a8:a1:59:4a:d1:b3'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping sting mac-address 'a8:a1:59:4a:d1:b3'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf ip-address '10.1.1.13'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf ip-address '10.1.1.13'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf mac-address '90:e2:ba:dd:98:20'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf mac-address 'b4:96:91:20:2c:58'
|
||||||
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.30'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax ip-address '10.1.1.30'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '04:42:1a:ef:35:75'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax mac-address '04:42:1a:ef:35:75'
|
||||||
|
|
||||||
# k8s prod workers
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nenya ip-address '10.1.1.41'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping nenya mac-address 'c8:1f:66:10:4d:b9'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping vilya ip-address '10.1.1.42'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping vilya mac-address 'c8:1f:66:10:51:d9'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elrond ip-address '10.1.1.43'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping elrond mac-address 'BC:24:11:1D:24:93'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya ip-address '10.1.1.44'
|
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping narya mac-address '80:e8:2c:db:68:a2'
|
|
||||||
|
|
||||||
|
|
||||||
# Raspberry Pis
|
# Raspberry Pis
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo ip-address '10.1.1.51'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping frodo ip-address '10.1.1.51'
|
||||||
|
|
@ -97,6 +88,14 @@ set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-ma
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping cirdan ip-address '10.1.1.63'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping cirdan ip-address '10.1.1.63'
|
||||||
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping cirdan mac-address '98:90:96:A2:04:B1'
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping cirdan mac-address '98:90:96:A2:04:B1'
|
||||||
|
|
||||||
|
# k8s prod workers
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping anduril ip-address '10.1.1.71'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping anduril mac-address 'd4:5d:64:91:b2:42'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf-01 ip-address '10.1.1.72'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping gandalf-01 mac-address '52:54:00:e5:08:8d'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax-01 ip-address '10.1.1.73'
|
||||||
|
set service dhcp-server shared-network-name SERVERS subnet 10.1.1.0/24 static-mapping shadowfax-01 mac-address 'ae:4c:70:3f:79:e4'
|
||||||
|
|
||||||
# Trusted VLAN
|
# Trusted VLAN
|
||||||
set service dhcp-server shared-network-name TRUSTED authoritative
|
set service dhcp-server shared-network-name TRUSTED authoritative
|
||||||
set service dhcp-server shared-network-name TRUSTED ping-check
|
set service dhcp-server shared-network-name TRUSTED ping-check
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,6 @@ mkdir -p /tmp/bind/cache
|
||||||
chown -R 104 /tmp/bind/cache
|
chown -R 104 /tmp/bind/cache
|
||||||
|
|
||||||
# Mount USB Backup Drive
|
# Mount USB Backup Drive
|
||||||
# backupdest=/media/usb-backup
|
backupdest=/media/usb-backup
|
||||||
# mkdir -p "$backupdest"
|
mkdir -p "$backupdest"
|
||||||
# mount -t vfat -o rw,uid=vyos,gid=vyattacfg /dev/disk/by-id/usb-Samsung_Flash_Drive_FIT_0376621010005300-0:0-part1 "$backupdest"
|
mount -t vfat -o rw,uid=vyos,gid=vyattacfg /dev/disk/by-id/usb-Samsung_Flash_Drive_FIT_0376621010005300-0:0-part1 "$backupdest"
|
||||||
|
|
|
||||||
Reference in a new issue