--- hiera_include: - frrouting - exporters::frr_exporter profiles::dns::master::ns_role: roles::infra::dns::master profiles::dns::master::use_ns: region profiles::dns::master::acls: acl-main.unkin.net: addresses: - 198.18.13.0/24 - 198.18.14.0/24 - 198.18.15.0/24 - 198.18.16.0/24 - 198.18.17.0/24 - 198.18.19.0/24 - 198.18.20.0/24 - 198.18.24.0/24 - 198.18.25.0/24 - 198.18.26.0/24 - 198.18.27.0/24 - 198.18.28.0/24 - 198.18.29.0/24 profiles::dns::master::zones: unkin.net: domain: 'unkin.net' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/unkin.net.conf' main.unkin.net: domain: 'main.unkin.net' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/main.unkin.net.conf' 13.18.198.in-addr.arpa: domain: '13.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/13.18.198.in-addr.arpa.conf' 14.18.198.in-addr.arpa: domain: '14.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/14.18.198.in-addr.arpa.conf' 15.18.198.in-addr.arpa: domain: '15.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/15.18.198.in-addr.arpa.conf' 16.18.198.in-addr.arpa: domain: '16.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/16.18.198.in-addr.arpa.conf' 17.18.198.in-addr.arpa: domain: '17.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/17.18.198.in-addr.arpa.conf' 19.18.198.in-addr.arpa: domain: '19.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/19.18.198.in-addr.arpa.conf' 20.18.198.in-addr.arpa: domain: '20.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/20.18.198.in-addr.arpa.conf' 21.18.198.in-addr.arpa: domain: '21.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/21.18.198.in-addr.arpa.conf' 22.18.198.in-addr.arpa: domain: '22.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/22.18.198.in-addr.arpa.conf' 23.18.198.in-addr.arpa: domain: '23.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/23.18.198.in-addr.arpa.conf' 24.18.198.in-addr.arpa: domain: '24.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/24.18.198.in-addr.arpa.conf' 25.18.198.in-addr.arpa: domain: '25.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/25.18.198.in-addr.arpa.conf' 26.18.198.in-addr.arpa: domain: '26.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/26.18.198.in-addr.arpa.conf' 27.18.198.in-addr.arpa: domain: '27.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/27.18.198.in-addr.arpa.conf' 28.18.198.in-addr.arpa: domain: '28.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/28.18.198.in-addr.arpa.conf' 29.18.198.in-addr.arpa: domain: '29.18.198.in-addr.arpa' zone_type: 'master' dynamic: false ns_notify: true source: '/var/named/sources/29.18.198.in-addr.arpa.conf' profiles::dns::master::views: master-zones: recursion: false zones: - unkin.net - main.unkin.net - 13.18.198.in-addr.arpa - 14.18.198.in-addr.arpa - 15.18.198.in-addr.arpa - 16.18.198.in-addr.arpa - 17.18.198.in-addr.arpa - 19.18.198.in-addr.arpa - 20.18.198.in-addr.arpa - 21.18.198.in-addr.arpa - 22.18.198.in-addr.arpa - 23.18.198.in-addr.arpa - 24.18.198.in-addr.arpa - 25.18.198.in-addr.arpa - 26.18.198.in-addr.arpa - 27.18.198.in-addr.arpa - 28.18.198.in-addr.arpa - 29.18.198.in-addr.arpa match_clients: - acl-main.unkin.net profiles::dns::master::keys: rndskey: secret_bits: 512 algorithm: hmac-sha256 secret: "%{lookup('profiles::dns::master::secret')}" # networking anycast_ip: 198.18.19.15 systemd::manage_networkd: true systemd::manage_all_network_files: true networking::interfaces: eth0: type: physical forwarding: true dhcp: true anycast0: type: dummy ipaddress: "%{hiera('anycast_ip')}" netmask: 255.255.255.255 mtu: 1500 # frrouting exporters::frr_exporter::enable: true frrouting::ospfd_router_id: "%{facts.networking.ip}" frrouting::ospfd_redistribute: - connected frrouting::ospfd_interfaces: eth0: area: 0.0.0.0 anycast0: area: 0.0.0.0 frrouting::daemons: ospfd: true # consul profiles::consul::client::node_rules: - resource: service segment: frr_exporter disposition: write # additional repos profiles::yum::global::repos: frr-extras: name: frr-extras descr: frr-extras repository target: /etc/yum.repos.d/frr-extras.repo baseurl: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os gpgkey: https://packagerepo.service.consul/frr/el9/extras-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR mirrorlist: absent frr-stable: name: frr-stable descr: frr-stable repository target: /etc/yum.repos.d/frr-stable.repo baseurl: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os gpgkey: https://packagerepo.service.consul/frr/el9/stable-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-FRR mirrorlist: absent