klaster/ansible/roles/openwrt/vars/main.yml at 8ce9462d4a4c1b6c77d5ee8937ecdab170aeaf6e - klaster - Gitea: Git with a cup of tea

Lumpiasty/klaster

Files

T

Lumpiasty 38f0aa699f

feat(ansible): add IoT VLAN 5 (192.168.5.0/24, szafa wifi)

MikroTik: add vlan5 interface, bridge VLAN entry (ether3 tagged),
IP 192.168.5.1/24, IPv6 from-pool, DHCP pool/server/network,
firewall rules allowing IoT internet-only (IPv4 and IPv6),
DNS input from vlan5.

OpenWrt: add switch VLAN 5 (WAN+CPU tagged), br-iot bridge on
eth0.5, iot interface, iot firewall zone (forward ACCEPT,
input REJECT).

Also remove ensure_order from all non-firewall api_modify tasks
as RouterOS does not support move on those paths.

2026-05-13 22:28:04 +02:00

10 lines

195 B

YAML

Raw Blame History

 ---
 # Secret references only; actual values are loaded from OpenBao/Vault at runtime.
 openbao_kv_mount: secret
 openbao_fields:
   iot_wifi:
     path: openwrt_iot_wifi
     password_key: password