- Add .gitignore: exclude compiled binaries, build artifacts, and Helm values files containing real secrets (authentik, prometheus) - Add all Kubernetes deployment manifests (deployment/) - Add services source code: ha-sync, device-inventory, games-console, paperclip, parts-inventory - Add Ansible orchestration: playbooks, roles, inventory, cloud-init - Add hardware specs, execution plans, scripts, HOMELAB.md - Add skills/homelab/SKILL.md + skills/install.sh to preserve Copilot skill - Remove previously-tracked inventory-cli binary from git index Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
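# Usage:
#   ansible-playbook playbooks/networking.yml \
#     --extra-vars "technitium_admin_password=<secret>"
#
# Or store the password in an Ansible vault file and pass with --vault-id.
# A password given with --extra-vars on the command line ends up in shell
# history and is visible in the process list while the playbook runs, so the
# vault file is the safer of the two.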
# Play 1: apply the technitium-dns-primary role to the `proxmox` hosts with
# privilege escalation. The role is not visible here; the variables below are
# presumably read by it (confirm against the role's defaults/tasks).
# technitium_admin_password is not set in this play and has to be supplied at
# run time (vault file or --extra-vars).
- name: Deploy Technitium DNS primary on Proxmox
  hosts: proxmox
  gather_facts: true
  become: true

  roles:
    - role: technitium-dns-primary

  vars:
    # Addresses of the secondary DNS servers. Presumably the hosts the primary
    # accepts as secondaries (e.g. for zone transfer) - verify in the role.
    # Keep this list limited to real secondaries.
    technitium_secondary_ips:
      - "192.168.2.100"  # kube-node-1

    # Host name -> address pairs; presumably created as DNS records by the
    # role - verify in the role.
    technitium_dns_records:
      - name: kube-node-1
        ip: "192.168.2.100"
      - name: kube-node-2
        ip: "192.168.2.195"
      - name: kube-node-3
        ip: "192.168.2.196"
      - name: kube-arbiter
        ip: "192.168.2.200"
      - name: proxmox
        ip: "192.168.2.193"
      - name: ansible-control
        ip: "192.168.2.70"
      - name: local-ai
        ip: "192.168.2.88"
      - name: remote-ai
        ip: "192.168.2.91"
# Play 2: apply the technitium-dns-secondary role to kube-node-1 with
# privilege escalation. The role is not visible here.
- name: Deploy Technitium DNS secondary on kube-node-1
  hosts: kube-node-1
  gather_facts: true
  become: true

  roles:
    - role: technitium-dns-secondary

  vars:
    # Address of the primary DNS server (the same address the DNS records in
    # this playbook give for `proxmox`). Presumably the only host the
    # secondary should pull zones from - verify in the role.
    technitium_primary_ip: "192.168.2.193"
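# Play 3: firewall rules for the secondary DNS host (kube-node-1): DNS on
# 53/tcp and 53/udp, plus the Technitium web UI on 5380/tcp.
#
# Each rule takes its source from a variable that falls back to "any", which
# is what the ufw module applies when no source is given, so nothing changes
# until the variables are set. Set them in inventory or a vault file (not in
# play vars, which would shadow inventory values) to narrow exposure:
#   technitium_dns_allowed_src:   networks allowed to query DNS,
#                                 e.g. <LAN_CIDR>
#   technitium_webui_allowed_src: hosts allowed to reach the web UI,
#                                 e.g. <ADMIN_HOST_IP>
# <LAN_CIDR> and <ADMIN_HOST_IP> are placeholders, not values from this repo.
- name: Open DNS port on kube-node-1 (secondary DNS)
  hosts: kube-node-1
  become: true
  gather_facts: false

  tasks:
    # Left at "any", port 53 answers every network that can route to this
    # host; restrict it to the networks that should use this resolver.
    - name: Allow DNS TCP
      community.general.ufw:
        rule: allow
        port: "53"
        proto: tcp
        from_ip: "{{ technitium_dns_allowed_src | default('any') }}"

    - name: Allow DNS UDP
      community.general.ufw:
        rule: allow
        port: "53"
        proto: udp
        from_ip: "{{ technitium_dns_allowed_src | default('any') }}"

    # The web UI is presumably the administrative console guarded by
    # technitium_admin_password - confirm against the role. It needs a much
    # smaller audience than DNS itself, hence the separate variable.
    - name: Allow Technitium web UI
      community.general.ufw:
        rule: allow
        port: "5380"
        proto: tcp
        from_ip: "{{ technitium_webui_allowed_src | default('any') }}"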
# Play 4: runs on the control machine only and prints a reminder; it changes
# nothing. The addresses in the banner are literal text and must be kept in
# step by hand with the addresses used by the plays above.
- name: Router DNS configuration reminder
  gather_facts: false
  hosts: localhost

  tasks:
    - name: Print router DNS instructions
      ansible.builtin.debug:
        # Literal block scalar: line breaks in the banner are preserved.
        msg: |
          ┌─────────────────────────────────────────────────────────────────┐
          │ ACTION REQUIRED: Update your router's LAN DNS settings │
          │ │
          │ Primary DNS: 192.168.2.193 (Proxmox — Technitium primary) │
          │ Secondary DNS: 192.168.2.100 (kube-node-1 — zone transfer) │
          │ │
          │ All .homelab names will now resolve on your LAN. │
          └─────────────────────────────────────────────────────────────────┘