StefanMewes/Nebula-Ansible-Role
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Beispiele auf Englisch übersetzt

Browse Source
This commit is contained in:
Stefan Mewes
2026-04-11 11:53:16 +02:00
parent 3574ce95f2
commit 71d811d087
1 changed files with 21 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
example_playbook_and_inventory.yml
View File

@@ -1,18 +1,18 @@
# ============================================================= # =============================================================
# Beispiel-Inventory: inventory # Example Inventory: inventory
# ============================================================= # =============================================================
[nebula_lighthouse] [nebula_lighthouse]
lighthouse1.example.com lighthouse1.example.com
lighthouse2.example.com lighthouse2.example.com
[servers] [servers]
web01.example.com nebula_internal_ip_addr=10.43.0.10 web01.example.com nebula_internal_ip_addr=10.43.0.10
docker01.example.com nebula_internal_ip_addr=10.43.0.11 docker01.example.com nebula_internal_ip_addr=10.43.0.11
db01.example.com nebula_internal_ip_addr=10.43.0.12 db01.example.com nebula_internal_ip_addr=10.43.0.12
# ============================================================= # =============================================================
# Beispiel-Playbook: nebula.yml # Example Playbook: nebula.yml
# ============================================================= # =============================================================
--- ---
- name: Deploy Nebula (multi-lighthouse) - name: Deploy Nebula (multi-lighthouse)
@@ -25,9 +25,9 @@ db01.example.com nebula_internal_ip_addr=10.43.0.12
nebula_network_name: "My Company Nebula" nebula_network_name: "My Company Nebula"
nebula_network_cidr: 16 nebula_network_cidr: 16
# --- Multi-Lighthouse-Konfiguration --- # --- Multi-Lighthouse Configuration ---
# Der ERSTE Eintrag ist der Primary (hostet CA-Schlüssel). # The FIRST entry is the primary (hosts the CA key).
# Alle weiteren sind Secondaries. # All additional entries are secondaries.
nebula_lighthouses: nebula_lighthouses:
- hostname: lighthouse1 - hostname: lighthouse1
internal_ip: 10.43.0.1 internal_ip: 10.43.0.1
@@ -43,27 +43,27 @@ db01.example.com nebula_internal_ip_addr=10.43.0.12
nebula_firewall_block_action: reject nebula_firewall_block_action: reject
nebula_inbound_rules: nebula_inbound_rules:
- { port: "any", proto: "icmp", host: "any" } - { port: "any", proto: "icmp", host: "any" }
- { port: 22, proto: "tcp", host: "any" } - { port: 22, proto: "tcp", host: "any" }
nebula_outbound_rules: nebula_outbound_rules:
- { port: "any", proto: "any", host: "any" } - { port: "any", proto: "any", host: "any" }
roles: roles:
- role: nebula - role: nebula
# ============================================================= # =============================================================
# WICHTIG: Hostname im Inventory muss dem hostname-Feld in # IMPORTANT: The hostname in the inventory must match the
# nebula_lighthouses entsprechen! # hostname field in nebula_lighthouses!
# #
# lighthouse1.example.com hostname: lighthouse1 # lighthouse1.example.com hostname: lighthouse1
# lighthouse2.example.com hostname: lighthouse2 # lighthouse2.example.com hostname: lighthouse2
# #
# Die Rolle sucht den passenden Eintrag per: # The role looks up the matching entry using:
# selectattr('hostname', 'equalto', inventory_hostname) # selectattr('hostname', 'equalto', inventory_hostname)
# #
# Falls du FQDNs als hostname-Feld nutzen willst: # If you want to use FQDNs as the hostname field:
# - hostname: lighthouse1.example.com # - hostname: lighthouse1.example.com
# ... # ...
# und im Inventory ebenfalls: # and in the inventory as well:
# lighthouse1.example.com # lighthouse1.example.com
# ============================================================= # =============================================================