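# =============================================================
# Example Inventory: inventory
# =============================================================
# Lighthouses take their overlay address from nebula_lighthouses in the
# playbook below; every other host sets nebula_internal_ip_addr here.
[nebula_lighthouse]
lighthouse1.example.com
lighthouse2.example.com

[servers]
web01.example.com nebula_internal_ip_addr=10.43.0.10
docker01.example.com nebula_internal_ip_addr=10.43.0.11
db01.example.com nebula_internal_ip_addr=10.43.0.12

# =============================================================
# Example Playbook: nebula.yml
# =============================================================
---
- name: Deploy Nebula (multi-lighthouse)
  hosts: all
  gather_facts: true
  user: ansible
  become: true

  vars:
    # Quoted so the pinned release is always read as a string.
    # NOTE(review): confirm the role verifies the checksum of the
    # release it downloads; nothing in this example shows that.
    nebula_version: "1.8.0"
    nebula_network_name: "My Company Nebula"
    nebula_network_cidr: 16

    # --- Multi-Lighthouse Configuration ---
    # The FIRST entry is the primary (hosts the CA key).
    # All additional entries are secondaries.
    #
    # The CA key can sign a certificate for any identity on this
    # overlay, and the primary is also reachable on its public port.
    # Limit who can log in to that host and who can read the key file,
    # and keep a copy of the key somewhere that is not online.
    nebula_lighthouses:
      - hostname: lighthouse1
        internal_ip: 10.43.0.1
        public_hostname: lh1.example.com
        public_port: 4242
        is_relay: true
      - hostname: lighthouse2
        internal_ip: 10.43.0.2
        public_hostname: lh2.example.com
        public_port: 4242
        is_relay: true

    # NOTE(review): presumably maps to Nebula's firewall inbound/outbound
    # action (drop or reject) - confirm against the role.
    nebula_firewall_block_action: reject

    # host: "any" on port 22 lets every node that holds a certificate
    # from this CA reach SSH on every host in the play. Narrow it to the
    # admin hosts if the role exposes a tighter selector (group or cidr
    # - confirm against the role's rule schema).
    nebula_inbound_rules:
      - port: "any"
        proto: "icmp"
        host: "any"
      - port: 22
        proto: "tcp"
        host: "any"

    # Unrestricted egress over the overlay; tighten it if a compromised
    # node should not be able to open connections to every peer.
    nebula_outbound_rules:
      - port: "any"
        proto: "any"
        host: "any"

  roles:
    - role: nebula

# =============================================================
# IMPORTANT: The hostname in the inventory must match the
# hostname field in nebula_lighthouses!
#
#   lighthouse1.example.com  →  hostname: lighthouse1
#   lighthouse2.example.com  →  hostname: lighthouse2
#
# The role looks up the matching entry using:
#   selectattr('hostname', 'equalto', inventory_hostname)
#
# NOTE(review): inventory_hostname is the name exactly as written in
# the inventory (here lighthouse1.example.com), so an equalto test
# against "hostname: lighthouse1" would not match unless the role
# shortens the name first - confirm against the role, or use the FQDN
# form below in both places.
#
# If you want to use FQDNs as the hostname field:
#   - hostname: lighthouse1.example.com
#     ...
# and in the inventory as well:
#   lighthouse1.example.com
# =============================================================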