This repo doesn't support Ansible 12 or later; using a venv is recommended.
pyenv install 3.12.12
pyenv virtualenv 3.12.12 ansible-11
pyenv activate ansible-11
pip install -U pip wheel setuptools
pip install -U -r requirements.txt -r requirements-venv.txt

jq -s add .vscode/settings.{common,$(uname -s)}.json > .vscode/settings.json

Change general network stuff (VLANs, changing CIDRs) using the templates.
Change host_net, host_num and/or ansible_host in hosts.
When changes are made, generate_inventory.yml MUST be run. If both were changed, it must be run TWICE.
Generate keys on the command line with wg genkey | tee /dev/stderr | wg pubkey; the private key is the first string printed.
Store the private key with gopass, i.e.
gopass edit -c network/<inventory_hostname>_wg_pk

If using preshared keys, generate one with
wg genpsk
gopass edit -c network/<inventory_hostname>_wg_psk

On macOS, install libssh with Homebrew, then
CFLAGS="-I $(brew --prefix)/include -I ext -L $(brew --prefix)/lib -lssh" pip install ansible-pylibssh

- name: Get FW rules
  community.routeros.api_info:
    path: ip firewall filter
    handle_disabled: omit
  register: __fw
- name: Write to file
  delegate_to: localhost
  ansible.builtin.copy:
    content: "{{ __fw.result | to_nice_yaml(indent=2) }}"
    dest: "/tmp/{{ inventory_hostname }}.yml"

Cleanup
yq -iy 'map(del(.".id"))' /tmp/rb5009.yml
sed -i -E "/^ (log|disabled): false.*/d;/^ log-prefix: ''/d;/^-.*/i\\ " /tmp/rb5009.yml
sed -i 's/^ $//g' /tmp/rb5009.yml

Generate an SSH key for GitLab CI to use:
ssh-keygen -C "runner@gitrun" -N "" -t ed25519 -f files/gitlab/runner_ssh

Create a masked variable SSH_KEY in GitLab with the base64 encoding of the private key as its value.
base64 < files/gitlab/runner_ssh

Delete the private key:
rm -fv files/gitlab/runner_ssh

Also add Docker's host key to a DOCKER_SSH_HOST_KEYS variable:
ssh-keyscan -q <ip/hostname> | base64
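
How a CI job could consume the two variables created above, as an added example that is not part of this repo: it decodes SSH_KEY and DOCKER_SSH_HOST_KEYS into a private directory and refuses empty, non-base64 or non-key values. The function name, the target file names and the default directory are assumptions.

```shell
# Added example, not part of this repo. SSH_KEY and DOCKER_SSH_HOST_KEYS are the
# variables created above; the function name and file names are assumptions.
# Usage in a job: install_ci_ssh_material "$SSH_KEY" "$DOCKER_SSH_HOST_KEYS"
install_ci_ssh_material() (
  key_b64="$1"; hosts_b64="$2"; dir="${3:-$HOME/.ssh}"
  if [ -z "$key_b64" ] || [ -z "$hosts_b64" ]; then
    echo "SSH_KEY or DOCKER_SSH_HOST_KEYS is empty" >&2; exit 1
  fi

  umask 077                        # subshell body: the caller's umask is untouched
  mkdir -p "$dir" && chmod 700 "$dir" || exit 1

  # Decode into temp files so a bad variable never leaves a partial key behind.
  tmp_key="$(mktemp "$dir/key.XXXXXX")" || exit 1
  tmp_hosts="$(mktemp "$dir/hosts.XXXXXX")" || { rm -f "$tmp_key"; exit 1; }
  cleanup() { rm -f "$tmp_key" "$tmp_hosts"; }

  if ! printf '%s' "$key_b64" | base64 -d > "$tmp_key" 2>/dev/null ||
     ! printf '%s' "$hosts_b64" | base64 -d > "$tmp_hosts" 2>/dev/null; then
    echo "variable is not valid base64" >&2; cleanup; exit 1
  fi

  # ssh-keygen above writes the OpenSSH private key format; refuse anything else.
  if ! head -n 1 "$tmp_key" | grep -q '^-----BEGIN OPENSSH PRIVATE KEY-----$'; then
    echo "SSH_KEY does not decode to an OpenSSH private key" >&2; cleanup; exit 1
  fi
  # Pinned host keys must not be empty, or host verification has nothing to check.
  if ! [ -s "$tmp_hosts" ]; then
    echo "DOCKER_SSH_HOST_KEYS decodes to nothing" >&2; cleanup; exit 1
  fi

  mv "$tmp_key" "$dir/id_ed25519" && mv "$tmp_hosts" "$dir/known_hosts"
)
```

Point the SSH client at the resulting known_hosts file with strict host key checking enabled, so the job only connects to the host whose key was pinned.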