diff --git a/ansible/configure-server.yml b/ansible/configure-server.yml
index d65947c..eb516e9 100644
--- a/ansible/configure-server.yml
+++ b/ansible/configure-server.yml
@@ -109,6 +109,7 @@
- hosts: all
+ tags: ntp
tasks:
- name: Disable systemd LLMNR
lineinfile:
@@ -228,4 +229,44 @@
- name: restart frr
systemd:
name: frr
- state: restarted
\ No newline at end of file
+ state: restarted
+
+- hosts: all
+ tags: web
+ tasks:
+ - name: Install nginx
+ package:
+ name: nginx
+ state: present
+
+ - name: Copy nginx config
+ ansible.builtin.template:
+ src: files/nginx.conf.j2
+ dest: /etc/nginx/nginx.conf
+ register: nginx_conf
+
+ - name: Enable nginx
+ service:
+ name: nginx
+ enabled: yes
+ state: started
+
+ - name: Restart nginx
+ systemd:
+ name: nginx
+ state: restarted
+ when: nginx_conf.changed
+
+
+ - name: ensure /var/www/html exists
+ file:
+ path: /var/www/html
+ state: directory
+
+ - name: Copy index page
+ ansible.builtin.template:
+ src: files/index.html
+ dest: /var/www/html/
+ owner: root
+ group: root
+ mode: 0644
\ No newline at end of file
diff --git a/ansible/files/bgp.network b/ansible/files/bgp.network
index 836a89a..99e4d9f 100644
--- a/ansible/files/bgp.network
+++ b/ansible/files/bgp.network
@@ -2,4 +2,4 @@
Name=bgp
[Network]
-Address={{bgp_ipv6}}
+Address={{bgp_ipv6}}/128
diff --git a/ansible/files/index.html b/ansible/files/index.html
new file mode 100644
index 0000000..7d37934
--- /dev/null
+++ b/ansible/files/index.html
@@ -0,0 +1,20 @@
+
+
+ NTP server {{ ansible_hostname }}
+
+
+ NTP server {{ ansible_hostname }}
+
+ - Default ip: {{bgp_ipv6}}
+ - Backup ips:
+
+{% for host in groups['all'] -%}
+{%- if host != inventory_hostname -%}
+ - {{ hostvars[host]['bgp_ipv6'] }} ({{ host }})
+{% endif -%}
+{% endfor %}
+
+
+
+
+
\ No newline at end of file
diff --git a/ansible/files/nginx.conf.j2 b/ansible/files/nginx.conf.j2
new file mode 100644
index 0000000..a41b73a
--- /dev/null
+++ b/ansible/files/nginx.conf.j2
@@ -0,0 +1,118 @@
+
+#user http;
+worker_processes 1;
+
+#error_log logs/error.log;
+#error_log logs/error.log notice;
+#error_log logs/error.log info;
+
+#pid logs/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
+
+ #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ # '$status $body_bytes_sent "$http_referer" '
+ # '"$http_user_agent" "$http_x_forwarded_for"';
+
+ #access_log logs/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ #keepalive_timeout 0;
+ keepalive_timeout 10;
+
+ #gzip on;
+
+ server {
+ listen [::]:80;
+ listen 80;
+ server_name {{ansible_hostname}};
+
+ #charset koi8-r;
+
+ #access_log logs/host.access.log main;
+
+ location / {
+ root /var/www/html; #usr/share/nginx/html;
+ index index.html index.htm;
+ }
+
+ #error_page 404 /404.html;
+
+ # redirect server error pages to the static page /50x.html
+ #
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /usr/share/nginx/html;
+ }
+
+ # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+ #
+ #location ~ \.php$ {
+ # proxy_pass http://127.0.0.1;
+ #}
+
+ # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+ #
+ #location ~ \.php$ {
+ # root html;
+ # fastcgi_pass 127.0.0.1:9000;
+ # fastcgi_index index.php;
+ # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
+ # include fastcgi_params;
+ #}
+
+ # deny access to .htaccess files, if Apache's document root
+ # concurs with nginx's one
+ #
+ #location ~ /\.ht {
+ # deny all;
+ #}
+ }
+
+
+ # another virtual host using mix of IP-, name-, and port-based configuration
+ #
+ #server {
+ # listen 8000;
+ # listen somename:8080;
+ # server_name somename alias another.alias;
+
+ # location / {
+ # root html;
+ # index index.html index.htm;
+ # }
+ #}
+
+
+ # HTTPS server
+ #
+ #server {
+ # listen 443 ssl;
+ # server_name localhost;
+
+ # ssl_certificate cert.pem;
+ # ssl_certificate_key cert.key;
+
+ # ssl_session_cache shared:SSL:1m;
+ # ssl_session_timeout 5m;
+
+ # ssl_ciphers HIGH:!aNULL:!MD5;
+ # ssl_prefer_server_ciphers on;
+
+ # location / {
+ # root html;
+ # index index.html index.htm;
+ # }
+ #}
+
+}
diff --git a/ansible/inventory.yml b/ansible/inventory.yml
index da0bcf9..9ea9664 100644
--- a/ansible/inventory.yml
+++ b/ansible/inventory.yml
@@ -4,17 +4,17 @@ pi:
bgp_router_ipv6: 2a01:e0a:431:b521:7683:c2ff:fe4d:4818
bgp_asn: 64600
bgp_router_asn: 65100
- bgp_ipv6: 2a01:e0a:431:b527::a123/128
+ bgp_ipv6: 2a01:e0a:431:b527::a123
vms:
hosts:
ntp-s2-cra.lan.k3s.fr:
bgp_router_ipv6: 2a01:e0a:431:b522:7683:c2ff:fe4d:4818
bgp_asn: 64601
bgp_router_asn: 65100
- bgp_ipv6: 2a01:e0a:431:b527::b123/128
+ bgp_ipv6: 2a01:e0a:431:b527::b123
ntp-s2-ces.lan.k3s.fr:
bgp_router_ipv6: 2a0e:e701:122c:42::1
bgp_asn: 64602
bgp_router_asn: 65000
- bgp_ipv6: 2a0e:e701:122c:fff0::a123/128
+ bgp_ipv6: 2a0e:e701:122c:fff0::a123