slightly improve cidr notation

2022-03-02 17:26:38 +01:00 · 2022-03-02 17:26:38 +01:00 · 7a477c31f1
commit 7a477c31f1
parent 5047342f0f
2 changed files with 28 additions and 21 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -10,22 +10,41 @@ cidrs:
  ## humans
  ## 10.200.16.1 to 10.200.31.254
  ## 4,096 usable IP addresses
-  - { "parent": "fsfe", "name": "humans", "cidr": "10.200.16.0/20" }
+  humans:
+    parent: fsfe
+    cidr: 10.200.16.0/20

  ### humans > admins
  ### 10.200.16.1 to 10.200.19.254
  ### 1,024 usable IP addresses
-  - { "parent": "humans", "name": "admins", "cidr": "10.200.16.0/22" }
+  admins:
+    parent: humans
+    cidr: 10.200.16.0/22

  ### humans > others
  ### 10.200.20.1 to 10.200.23.254
  ### 1,024 usable IP addresses
-  - { "parent": "humans", "name": "others", "cidr": "10.200.20.0/22" }
+  others:
+    parent: humans
+    cidr: 10.200.20.0/22

  ## machines
  ## 10.200.64.1 to 10.200.127.254
  ## with 16,384 usable IP addresses
-  - { "parent": "fsfe", "name": "machines", "cidr": "10.200.64.0/18" }
+  machines:
+    parent: fsfe
+    cidr: 10.200.64.0/18
+
+manual_peers:
+  linus:
+    cidr: admins
+    admin: true
+  max-mehl:
+    cidr: admins
+    admin: true
+  albert:
+    cidr: admins
+    admin: true

 # humans > admins, e.g.
 # - { "cidr": "admins", "name": "linus", "admin": "true" }
@ -35,16 +54,4 @@ cidrs:
 # - { "cidr": "others", "name": "fani", "admin": "false" }
 # machines, e.g.
 # - { "cidr": "machines", "name": "cont1-plutex", "admin": "false" }
-peers: "{{ peers_var|from_yaml }}"
 machine_cidr: { "name": "machines", "cidr": "10.200.64.0/18", "admin": "false" }
-peers_var: |
-  - { "cidr": "admins", "name": "linus", "admin": "true" }
-  - { "cidr": "admins", "name": "max-mehl", "admin": "true" }
-  - { "cidr": "admins", "name": "albert", "admin": "true" }
-  {% for host in groups['innernet_client'] %}
-  - {
-     "cidr": "machines",
-     "name": {{ host.replace('.', '-').replace('-fsfeurope-org', '').replace('-fsfe-org', '').replace('-fsfe-be', '') }},
-     "admin": "false"
-    }
-  {% endfor %}
--- a/roles/server/tasks/main.yml
+++ b/roles/server/tasks/main.yml
@ -68,13 +68,13 @@
  tags: [cidr]
  shell: |
    innernet-server add-cidr "{{ network_name }}" \
-      --parent "{{ item.parent }}" \
-      --name "{{ item.name }}" \
-      --cidr "{{ item.cidr }}" \
+      --name "{{ item.key }}" \
+      --parent "{{ item.value.parent }}" \
+      --cidr "{{ item.value.cidr }}" \
      --yes
-  loop: "{{ cidrs }}"
+  loop: "{{ cidrs | dict2items }}"
  when:
-    - item.name not in existing_cidrs.stdout_lines
+    - item.key not in existing_cidrs.stdout_lines

 - name: Enable firewall and allow SSH
  tags: [listen_port, firewall]