Add ZT management-only network

2022-02-13 11:05:25 -06:00 · 2022-02-13 11:05:25 -06:00 · f86d065005
commit f86d065005
parent 5efeaa18e9
3 changed files with 25 additions and 0 deletions
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@ -58,6 +58,13 @@ zerotier_personal_network_id: !vault |
          30656433343263653035333637336165323931363966376264353164326135336131646362623734
          3339633961393864330a616437613534643231366634643362383438316233376334636264303361
          65313231393433396538663463383731303661633663343066333264303330313133
+zerotier_management_network_id: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          39323634336366386363323264386434373230353133626234623863376161363732666137363238
+          3936613661306263303239313134643962333037653162660a653730636362303364396664343663
+          32353638376235646361373730326533636332333939386237313731393032663565393033363635
+          3430303130303766610a633131656431396332626336653562616363666433366664373635613934
+          30316335396166633361666466346232323630396534386332613937366232613965

 # For GVM
 secret_gvm_db_pass: !vault |
--- a/playbooks/tags_zt-management.yml
+++ b/playbooks/tags_zt-management.yml
@ -0,0 +1,17 @@
+#!/usr/bin/env ansible-playbook
+# vim:ft=ansible:
+---
+- hosts: tags_zt-management
+  roles:
+    - role: zerotier
+      vars:
+        zerotier_networks_join:
+          - "{{ zerotier_management_network_id }}"
+      tags: [ zerotier ]
+- hosts: all:!tags_zt-management
+  roles:
+    - role: zerotier
+      vars:
+        zerotier_networks_leave:
+          - "{{ zerotier_management_network_id }}"
+      tags: [ zerotier ]
--- a/site.yml
+++ b/site.yml
@ -13,6 +13,7 @@
 - import_playbook: playbooks/manufacturers_s76.yml
  # Zerotier network configuration
 - import_playbook: playbooks/tags_zt-personal.yml
+- import_playbook: playbooks/tags_zt-management.yml
  # Tags for fundamental services
 - import_playbook: playbooks/tags_snmp.yml
 - import_playbook: playbooks/tags_nagios.yml