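# =============================================================
# Example inventory: inventory
# (INI format; a separate file from the playbook below)
# =============================================================
[nebula_lighthouse]
lighthouse1.example.com
lighthouse2.example.com

[servers]
web01.example.com nebula_internal_ip_addr=10.43.0.10
docker01.example.com nebula_internal_ip_addr=10.43.0.11
db01.example.com nebula_internal_ip_addr=10.43.0.12

# =============================================================
# Example playbook: nebula.yml
# =============================================================
---
- name: Deploy Nebula (multi-lighthouse)
  hosts: all
  gather_facts: true
  user: ansible
  become: true
  vars:
    # Quoted so the version is always read as a string, never as a number.
    nebula_version: "1.8.0"
    nebula_network_name: "My Company Nebula"
    # Presumably the prefix length of the overlay network (the addresses
    # used here all sit in 10.43.0.0/16) - confirm against the role.
    nebula_network_cidr: 16

    # --- Multi-lighthouse configuration ---
    # The FIRST entry is the primary (it hosts the CA key).
    # All further entries are secondaries.
    # NOTE(review): the primary therefore holds the CA private key on a
    # host that is also published under a public hostname and port. Anyone
    # who obtains that key can sign certificates for this network, so keep
    # access to that host and to the key file tightly restricted - check
    # how the role stores and protects it.
    nebula_lighthouses:
      - hostname: lighthouse1
        internal_ip: 10.43.0.1
        public_hostname: lh1.example.com
        public_port: 4242
        is_relay: true
      - hostname: lighthouse2
        internal_ip: 10.43.0.2
        public_hostname: lh2.example.com
        public_port: 4242
        is_relay: true

    # Blocked traffic is actively rejected rather than silently dropped.
    nebula_firewall_block_action: reject

    # Inbound rules as written: ICMP and SSH (tcp/22) are accepted from
    # "any" host. If only a few admin hosts need SSH, narrow the second
    # rule to them (whether the role accepts group- or host-scoped rules
    # is not visible here - check its documentation).
    nebula_inbound_rules:
      - { port: "any", proto: "icmp", host: "any" }
      - { port: 22, proto: "tcp", host: "any" }

    # Outbound traffic is unrestricted.
    nebula_outbound_rules:
      - { port: "any", proto: "any", host: "any" }

  roles:
    - role: nebula

# =============================================================
# IMPORTANT: the hostname in the inventory must correspond to the
# hostname field in nebula_lighthouses!
#
#   lighthouse1.example.com  →  hostname: lighthouse1
#   lighthouse2.example.com  →  hostname: lighthouse2
#
# The role looks up the matching entry via:
#   selectattr('hostname', 'equalto', inventory_hostname)
#
# NOTE(review): inventory_hostname is the name exactly as it is written
# in the inventory (here the FQDN), so an exact 'equalto' comparison with
# the short name "lighthouse1" would not match. Verify whether the role
# really compares against inventory_hostname or against
# inventory_hostname_short, or use the FQDN variant below, before
# relying on the mapping shown above.
#
# If you want to use FQDNs as the hostname field:
#   - hostname: lighthouse1.example.com
#     ...
# and likewise in the inventory:
#   lighthouse1.example.com
# =============================================================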