Lumpiasty
38f0aa699f
MikroTik: add vlan5 interface, bridge VLAN entry (ether3 tagged), IP 192.168.5.1/24, IPv6 from-pool, DHCP pool/server/network, firewall rules allowing IoT internet-only (IPv4 and IPv6), DNS input from vlan5. OpenWrt: add switch VLAN 5 (WAN+CPU tagged), br-iot bridge on eth0.5, iot interface, iot firewall zone (forward ACCEPT, input REJECT). Also remove ensure_order from all non-firewall api_modify tasks as RouterOS does not support move on those paths.
42 lines
1.3 KiB
YAML
42 lines
1.3 KiB
YAML
---
|
|
- name: Configure PPPoE client
|
|
community.routeros.api_modify:
|
|
path: interface pppoe-client
|
|
data:
|
|
- disabled: false
|
|
interface: sfp-sfpplus1
|
|
keepalive-timeout: 2
|
|
name: pppoe-gpon
|
|
password: "{{ routeros_pppoe_password }}"
|
|
use-peer-dns: true
|
|
user: "{{ routeros_pppoe_username }}"
|
|
handle_absent_entries: remove
|
|
handle_entries_content: remove_as_much_as_possible
|
|
|
|
- name: Configure 6to4 tunnel interface
|
|
community.routeros.api_modify:
|
|
path: interface 6to4
|
|
data:
|
|
- comment: Hurricane Electric IPv6 Tunnel Broker
|
|
local-address: 139.28.40.212
|
|
mtu: 1472
|
|
name: sit1
|
|
remote-address: 216.66.80.162
|
|
handle_absent_entries: remove
|
|
handle_entries_content: remove_as_much_as_possible
|
|
|
|
- name: Configure veth interface for containers
|
|
community.routeros.api_modify:
|
|
path: interface veth
|
|
data:
|
|
- address: 172.17.0.2/16,2001:470:61a3:500::1/64
|
|
container-mac-address: 7E:7E:A1:B1:2A:7C
|
|
dhcp: false
|
|
gateway: 172.17.0.1
|
|
gateway6: 2001:470:61a3:500:ffff:ffff:ffff:ffff
|
|
mac-address: 7E:7E:A1:B1:2A:7B
|
|
name: veth1
|
|
comment: Tailscale container
|
|
handle_absent_entries: remove
|
|
handle_entries_content: remove_as_much_as_possible
|