6a5ebfe5b5
alpine: don’t disable IPv6 autoconf on loopback interface
...
Not sure if it makes a difference but let’s keep the generated config
minimal.
2025-10-22 19:30:31 +02:00
7a4a868d41
alpine: add support for VRF interfaces
...
Mostly so we can merge the firewall role from the network repo, there
aren’t any other current users.
2025-10-22 19:30:31 +02:00
e2c9acd872
alpine: fix condition for loopback interface template
2025-10-22 18:26:18 +02:00
d1cf462f64
alpine: drop hints from interface configuration
...
Turns out ifupdown-ng ignores "inet static" and "inet loopback" hints
on iface lines. The interface named "lo" is always used as loopback.
2025-07-16 13:07:15 +02:00
bf4fd2c82d
alpine: support non-VM hosts in interfaces template
...
Ignore OOB management interface, allow configuring loopback interface
with NetBox data, and setting MTU.
2025-05-15 14:55:43 +02:00
39fec47f87
alpine: don’t set IPv6 gateway
...
Will get it from RA. Also don’t disable SLAAC for IPv4‐only interfaces.
2025-05-07 12:25:43 +02:00
4dc089e42c
debian: add MOTD
2025-05-05 17:28:32 +02:00
e754db5fbd
Consolidate hosts template
...
For alpine, debian, ceph and proxmox roles.
Add the union of IPv6 LL host entries across all distros to make sure nothing croaks.
2025-04-10 18:22:41 +02:00
0d60aa107f
Consolidate nftables setup for alpine, debian and ceph roles
2025-02-12 17:24:24 +01:00
6c817624bc
alpine: disable IPv6 automatic addresses
...
So we have predictable addresses if we ever want to firewall
individual hosts.
2024-09-21 22:41:36 +02:00
6b1d871392
alpine: don’t assume all public services are TCP either
2024-09-04 16:42:13 +02:00
2b4a196e4d
alpine: add whimsy
...
For what is life without it.
2024-08-16 11:48:10 +02:00
312cd8d4b3
alpine: rename network interfaces
...
Mostly relevant for VMs, to match the names with proxmox.
2024-08-16 11:47:38 +02:00
3261bc7f98
alpine: don’t hardcode nftables input rule for SSH
...
Instead configure it in NetBox like all other services.
2024-08-14 12:46:23 +02:00
38ff061f81
alpine: don’t set gateway for interface if the gateway is that interface
2024-08-06 15:47:05 +02:00
036f7c8b74
Support custom allowed_ips field for services
...
Like allowed_prefixes, but for single IP addresses. Currently used
just for DHCP server to allow (only) packets from relays.
2024-08-03 11:44:03 +02:00
a3dd4eba65
alpine: don’t assume all services are TCP
2024-07-26 10:14:23 +02:00
f1f9d6fa34
alpine: configure network interfaces
2024-06-25 00:40:13 +02:00
29598ef4bb
Rework service handling
...
Allow running playbooks without NetBox access. Mainly to bootstrap
NetBox itself.
Would prefer not to access network from filter plugins, so maybe do
that at some point also.
2024-06-19 13:33:32 +02:00
398e41732e
alpine: set hostname
...
And configure /etc/hosts accordingly.
2024-06-05 15:40:55 +02:00
fe6c35edf1
alpine: set up firewall
...
Get services from NetBox and enable SSH unconditionally for now.
2024-06-05 15:37:45 +02:00
