# Source-of-truth inventory that a renderer (not in this file) turns into an
# ssh_config. Everything said below about how a value is applied is therefore
# an assumption to confirm against that renderer.
# NOTE(review): this file is a network map — internal addressing, account
# names, which devices only accept passwords. Treat the repository holding it
# as confidential and restrict read access accordingly.
version: 1
facts:
  # Non-standard SSH port for the company jump hosts. NOTE(review): 24 here
  # (and in defaults.jump), but the jumps: entries below use 25904 — confirm
  # which one the renderer actually applies to the jump hop.
  jump_default_port: 24
  # Personal account on the jump hosts (dotted form).
  jump_default_user: bogdan.timofte
  # Local account used on most final hosts; the notes explain the difference.
  common_distribution_user: bogdan
  notes:
  - Most distributions do not like dots in local usernames, so most final-host installs
    use bogdan.
  - In bogdan/root import conflicts, bogdan wins.
# Client-side ssh_config options. The description says "global", and
# company_managed.jump_hosts.inherit_globals_on_targets applies them to the
# j1/j2 hops as well, so nothing in this block is limited to the legacy gear.
# The YAML booleans must become yes/no in the rendered ssh_config — presumably
# the renderer does that; confirm.
ssh_options:
  legacy_compatibility:
    description: Company-managed jump global ssh_config compatibility options
    # NOTE(review): the "+" form appends to the client defaults, so modern
    # algorithms are still offered first. Applied globally, though, any server
    # that only offers the legacy set is accepted everywhere — including on
    # the internet-facing path via j1_public/j2_public. Scope these to the
    # groups that need them (cisco_routers, huawei_olts, network_switches,
    # mikrotik_routers) instead of every connection.
    options:
      # SHA-1 key exchange; group1 is 1024-bit DH.
      KexAlgorithms: +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
      # CBC-mode ciphers and 3DES (64-bit block size).
      Ciphers: +aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
      # ssh-rsa = RSA with SHA-1 signatures, for host keys and user keys.
      HostKeyAlgorithms: +ssh-rsa
      PubkeyAcceptedAlgorithms: +ssh-rsa
      # NOTE(review): global agent forwarding. Whoever is root on a hop this
      # reaches (several hosts in this file are logged into as root, and the
      # jumps have public-facing twins) can use the forwarded agent to
      # authenticate as you anywhere your keys work. A jump design like this
      # one needs ProxyJump, not agent forwarding; enable ForwardAgent per host
      # only where something on the far side genuinely must use the agent.
      ForwardAgent: true
      ForwardX11: false
      # Only the auth: password_interactive groups need this; elsewhere a
      # pinned identity (as entrypoints.is_jumper does) is preferable.
      PasswordAuthentication: true
      HostbasedAuthentication: false
      CheckHostIP: true
      # "ask" still lets a mistyped alias be accepted interactively. For a
      # fixed inventory like this one, a pre-seeded known_hosts (or a host-key
      # CA) would allow "yes".
      StrictHostKeyChecking: ask
      Tunnel: false
      # NOTE(review): wildcard export of GIT_* and ANSIBLE_*. Those namespaces
      # include credential-bearing variables (GIT_ASKPASS, the ANSIBLE_VAULT_*
      # family, ...). A server only receives what its AcceptEnv allows, but
      # listing the specific variables needed is safer than the wildcards.
      SendEnv: LANG LC_* GIT_* ANSIBLE_*
      HashKnownHosts: true
# Rules for the company-managed jump hosts and the hosts reached through them.
company_managed:
  jump_hosts:
    # The legacy_compatibility options above are inherited by the j1/j2 hops
    # themselves, not only by the legacy devices behind them. The *_public
    # jump entries are not listed here — confirm whether that is intended.
    inherit_globals_on_targets:
    - j1
    - j2
    # Ordered list of glob pattern sets with the user/port to apply. Where a
    # host matches a pattern here and also a group default below (e.g.
    # '*.radius-db' here and groups.pppoe, '*.dr0?' here and
    # groups.cisco_routers), precedence is the renderer's — confirm, since the
    # port differs between sets (22 vs 24).
    match_defaults:
    # Network gear (routers, switches, headend equipment): personal account, 22.
    - patterns:
      - '*.dr0?'
      - '*.ar0?'
      - '*.cr01'
      - '*.br01'
      - '*.as??'
      - '*.cs0?'
      - '*.tv01'
      - '*.ds0?'
      - bucuresti.ines.dcm01
      - bucuresti.nxdata.voip
      - bucuresti.dolce.tv01
      # Matches any name containing "dasan" — broader than the other globs.
      - '*dasan*'
      user: bogdan.timofte
      port: 22
    # OLTs use the e-mail style account (see groups.huawei_olts).
    - patterns:
      - '*.olt'
      user: bogdan.timofte@next-gen.ro
      port: 22
    # Core services (AAA, DNS, backup, GitLab, VPN, the jump hosts themselves)
    # on the non-standard port 24 — the highest-value targets in this file.
    - patterns:
      - '*.dhcp'
      - '*.shaper*'
      - '*.sentinel'
      - '*.scan'
      - redmine
      - speedtest
      - webdevel
      - scripting
      - zabbix
      # Leading-"*" globs are quoted above because a bare "*" starts a YAML
      # alias; these mid-string globs are valid plain scalars, but quoting
      # them too would be consistent.
      - itpve-*
      - cacti
      - mx
      - bucuresti.radius-pppoe
      - flood-detector
      - tacacs2
      - tacacs1
      - ns2
      - ns1
      - backup1
      - gitlab
      - nlg
      - nexus
      - dhcp-cmts
      - '*.radius-db'
      - jump1
      - aggregator-buc
      - mappix
      - docker.*
      - cpanel
      - jump2
      - nocpve-*
      - ocvpn
      user: bogdan.timofte
      port: 24
# Fallback user/port when neither a group nor a host sets them.
defaults:
  jump:
    user: bogdan.timofte
    # NOTE(review): 24 here, 25904 in the jumps: entries — confirm which the
    # renderer uses for the hop.
    port: 24
  final_host:
    user: bogdan
    port: 22
    # Fail fast: a single attempt with a 10 s connect timeout, no retries.
    connect_timeout: 10
    connection_attempts: 1
# First hop in front of the company jumps.
entrypoints:
  is_jumper:
    aliases:
    - is-jumper
    # RFC 1918 address; presumably a local/lab box — confirm.
    hostname: 192.168.2.100
    # NOTE(review): direct root login on the entry hop every session passes
    # through. A dedicated unprivileged jump account (with PermitRootLogin no
    # server-side) keeps a stolen key from being a root key on this box.
    user: root
    # Dedicated ed25519 key; only the path is here, not the key. identities_only
    # stops the client from offering every loaded agent key to this host —
    # good, keep it.
    identity_file: ~/.ssh/keys/is-jumper_ed25519
    identities_only: true
# Company jump hosts. j1/j2 are reached over the VPN (10.253.51.x); the
# *_public twins are the same hosts by their internet-facing DNS names.
jumps:
  j1:
    aliases:
    - j1
    hostname: 10.253.51.50
    port: 25904
    role: primary_vpn
  j2:
    aliases:
    - j2
    hostname: 10.253.51.52
    port: 25904
    role: failover_vpn
  # NOTE(review): alias "j1" is also declared by j1 above (likewise "j2" for
  # j2_public). If the renderer emits one Host stanza per alias, the second
  # definition is silently shadowed (ssh_config takes the first match per
  # option); if it selects by role, fine — but a user typing "j1" should never
  # land on the public path without knowing it. Distinct aliases (e.g.
  # j1-public) would remove the ambiguity. These public entries are also not
  # in inherit_globals_on_targets, so whether the legacy KEX/cipher list is
  # offered on the internet-facing path is unclear — confirm.
  j1_public:
    aliases:
    - j1
    hostname: j1.next-gen.ro
    port: 25904
    role: emergency_public
  j2_public:
    aliases:
    - j2
    hostname: j2.next-gen.ro
    port: 25904
    role: emergency_public
# Host groups. Each group carries a default_jump and, usually, a defaults: map;
# hosts without user/port presumably fall back to defaults.final_host
# (bogdan/22) — confirm with the renderer.
groups:
  voip_applications:
    description: PBX systems
    default_jump: j1
    hosts:
      # NOTE(review): vo52, vo52_old, elastix and ss7 are logged into as root
      # directly; the personal account (user: bogdan) used on the pbx-* hosts
      # below is the least-privilege pattern to converge on.
      vo52:
        aliases:
        - vo52
        - vo522
        - vo52-new
        - 10.253.51.140
        hostname: 10.253.51.140
        user: root
      # Public 193.16.148.x address, root login.
      vo52_old:
        aliases:
        - vo52-old
        hostname: 193.16.148.152
        user: root
      # Public address on a non-default port; no user set here.
      vo53:
        aliases:
        - vo53
        - 193.16.148.153
        hostname: 193.16.148.153
        port: 60011
      # Both the private (10.253.50.62) and public (188.173.1.15) addresses
      # resolve to this root login.
      elastix:
        aliases:
        - elastix
        - 10.253.50.62
        - 188.173.1.15
        hostname: 10.253.50.62
        user: root
      ss7:
        aliases:
        - ss7
        hostname: 10.253.51.138
        user: root
      voip_pbx_dispecerat:
        aliases:
        - voip-pbx-dispeceri
        - pbx-dispeceri
        - 10.253.51.134
        hostname: 10.253.51.134
        user: bogdan
      voip_pbx_bo:
        aliases:
        - voip-pbx-bo
        - pbx-bo
        - 10.253.51.135
        hostname: 10.253.51.135
        user: bogdan
  voip_network:
    description: VoIP network infrastructure
    default_jump: j1
    # No per-host user or port in this group; presumably defaults.final_host
    # (bogdan/22) applies — confirm.
    hosts:
      sbc0:
        aliases:
        - sbc0
        - 10.253.51.130
        # NOTE(review): 10.20.30.10 is also an alias of sbc1 below (sbc2 has
        # .11). Two hosts claiming one alias resolve however the renderer
        # happens to order them — confirm which SBC owns 10.20.30.10 and drop
        # it from the other.
        - 10.20.30.10
        - 193.16.148.197
        hostname: 10.253.51.130
      # Carries five public 193.16.148.x addresses as aliases.
      sbc1:
        aliases:
        - sbc1
        - 10.253.51.131
        # Duplicate of sbc0's alias — see the note on sbc0.
        - 10.20.30.10
        - 193.16.148.194
        - 193.16.148.195
        - 193.16.148.196
        - 193.16.148.198
        - 193.16.148.199
        hostname: 10.253.51.131
      sbc2:
        aliases:
        - sbc2
        - 10.253.51.132
        - 10.20.30.11
        hostname: 10.253.51.132
      voip_prov:
        aliases:
        - voip-prov
        - 10.253.51.139
        hostname: 10.253.51.139
      # Number-portability host; two public 89.165.x addresses as aliases.
      portabilitate:
        aliases:
        - portabilitate
        - bdc
        - 10.253.51.133
        - 89.165.199.20
        - 89.165.232.232
        hostname: 10.253.51.133
  porta:
    description: PortaOne MR30 legacy
    default_jump: j1
    # Every host here is addressed by its public 193.16.148.x address (two
    # also by public DNS names); no user/port set, so the final_host defaults
    # presumably apply. A legacy platform is the likely reason the SHA-1/CBC
    # ssh_options exist — if so, scope those options to this group rather than
    # globally. Unverified; confirm.
    hosts:
      porta_sip:
        aliases:
        - porta-sip
        - p12-sip
        - p12
        - p12.voip.ro
        - 193.16.148.4
        hostname: 193.16.148.4
      porta_web:
        aliases:
        - porta-web
        - porta-api
        - porta-slave
        - porta7
        - telefonie.next-gen.ro
        - 193.16.148.7
        hostname: 193.16.148.7
      porta_db:
        aliases:
        - porta-db
        - porta-master
        - porta1
        - 193.16.148.11
        hostname: 193.16.148.11
      porta_config:
        aliases:
        - porta-config
        - porta-configurator
        - 193.16.148.13
        hostname: 193.16.148.13
  pppoe:
    description: RADIUS and PPPOE systems
    default_jump: j1
    # Personal account on port 24 — the same values company_managed.match_defaults
    # gives '*.radius-db' and bucuresti.radius-pppoe.
    defaults:
      user: bogdan.timofte
      port: 24
    # These repeat defaults.final_host exactly; harmless, but they make it look
    # as if the RADIUS hosts were special-cased.
    patterns:
      '*.radius-db':
        connect_timeout: 10
        connection_attempts: 1
      '*.radius-pppoe':
        connect_timeout: 10
        connection_attempts: 1
    # hostname is the DNS-style name; the public (94.53.x / 46.214.x /
    # 188.173.x) and private (10.132.x.121) addresses are aliases only.
    # NOTE(review): RADIUS/PPPoE databases hold subscriber credentials — if the
    # public aliases are actually reachable on SSH from the internet, that
    # exposure is worth confirming and closing.
    hosts:
      radauti_radius_db:
        aliases:
        - radauti.radius-db
        - 94.53.112.30
        - 10.132.96.121
        hostname: radauti.radius-db
      pascani_radius_db:
        aliases:
        - pascani.radius-db
        - 46.214.144.7
        - 10.132.0.121
        hostname: pascani.radius-db
      falticeni_radius_db:
        aliases:
        - falticeni.radius-db
        - 46.214.136.7
        - 10.132.64.121
        hostname: falticeni.radius-db
      tg_frumos_radius_db:
        aliases:
        - tg_frumos.radius-db
        - 94.53.170.7
        - 10.132.32.121
        hostname: tg_frumos.radius-db
      # 10.132.128.121 is also declared by groups.imported_jump_hosts
      # (host_10_132_128_121) — duplicate alias.
      buhusi_radius_db:
        aliases:
        - buhusi.radius-db
        - 46.214.240.7
        - 10.132.128.121
        hostname: buhusi.radius-db
      bucuresti_radius_pppoe:
        aliases:
        - bucuresti.radius-pppoe
        - 188.173.1.29
        hostname: bucuresti.radius-pppoe
  legacy_public:
    description: Legacy public VoIP jump
    default_jump: j1
    hosts:
      # Public 188.173.0.230 address, explicit bogdan/22 (same as the
      # final_host defaults, stated here explicitly).
      voce_pub:
        aliases:
        - voce-pub
        - voce-pub2
        - 188.173.0.230
        hostname: 188.173.0.230
        user: bogdan
        port: 22
  imported_jump_hosts:
    description: Hosts imported from J1/J2 user SSH configs
    default_jump: j1
    defaults:
      user: bogdan.timofte
      port: 24
    # NOTE(review): unnamed, address-only entries carried over from per-user
    # configs. host_10_132_128_121 is the address already aliased by
    # groups.pppoe buhusi_radius_db (same user/port through that group's
    # defaults), so it is a duplicate alias and can go. The two 188.173.0.x
    # entries have no name at all — identify them or prune them; an inventory
    # entry nobody can name is one nobody will decommission.
    hosts:
      host_10_132_128_121:
        aliases:
        - 10.132.128.121
        hostname: 10.132.128.121
      host_188_173_0_163:
        aliases:
        - 188.173.0.163
        hostname: 188.173.0.163
        user: bogdan
      host_188_173_0_141:
        aliases:
        - 188.173.0.141
        hostname: 188.173.0.141
        user: bogdan
  noc:
    description: NOC hosts grouped by function
    default_jump: j1
    # NOTE(review): this group is shaped differently from the rest — no hosts:
    # at this level but nested pve:/backup: sub-groups, each with its own
    # default_jump. Whether the renderer applies this defaults: map to the
    # nested hosts is not visible here; every host below sets user: root
    # explicitly, so only the port (24 here vs 22 in defaults.final_host)
    # depends on the answer — confirm.
    defaults:
      user: bogdan.timofte
      port: 24
    pve:
      description: Proxmox hosts
      default_jump: j1
      # NOTE(review): every hypervisor is logged into as root, and each has a
      # public 188.173.x alias next to its private 10.253.51.x hostname. These
      # are the highest-impact hosts in the file (root on a Proxmox node is
      # every VM on it); a non-root account and pinned host keys are the
      # minimum here, and the public aliases deserve a check that SSH is not
      # reachable on them.
      hosts:
        nocpve_nxdata1:
          aliases:
          - nocpve-nxdata1
          - 188.173.1.112
          - 10.253.51.24
          hostname: 10.253.51.24
          user: root
        nocpve_nxdata2:
          aliases:
          - nocpve-nxdata2
          - 188.173.1.116
          - 10.253.51.25
          hostname: 10.253.51.25
          user: root
        nocpve_ines1:
          aliases:
          - nocpve-ines1
          - 188.173.1.117
          - 10.253.51.27
          hostname: 10.253.51.27
          user: root
        nocpve_ines2:
          aliases:
          - nocpve-ines2
          - 188.173.1.118
          - 10.253.51.28
          hostname: 10.253.51.28
          user: root
        itpve_ines1:
          aliases:
          - itpve-ines1
          - 188.173.0.211
          - 10.253.51.211
          hostname: 10.253.51.211
          user: root
        itpve_ines2:
          aliases:
          - itpve-ines2
          - 188.173.0.212
          - 10.253.51.212
          hostname: 10.253.51.212
          user: root
        itpve_ines3:
          aliases:
          - itpve-ines3
          - 188.173.0.213
          - 10.253.51.213
          hostname: 10.253.51.213
          user: root
        itpve_ines4:
          aliases:
          - itpve-ines4
          - 188.173.0.222
          - 10.253.51.222
          hostname: 10.253.51.222
          user: root
        itpve_bns1:
          aliases:
          - itpve-bns1
          - 188.173.0.201
          - 10.253.51.201
          hostname: 10.253.51.201
          user: root
        itpve_bns2:
          aliases:
          - itpve-bns2
          - 188.173.0.202
          - 10.253.51.202
          hostname: 10.253.51.202
          user: root
        itpve_bns3:
          aliases:
          - itpve-bns3
          - 188.173.0.203
          - 10.253.51.203
          hostname: 10.253.51.203
          user: root
        itpve_bns4:
          aliases:
          - itpve-bns4
          # Public .220 paired with private .204, unlike the siblings whose
          # last octets match — possibly intended; confirm.
          - 188.173.0.220
          - 10.253.51.204
          hostname: 10.253.51.204
          user: root
    backup:
      description: Backup hosts
      default_jump: j1
      # Backup server on a public address, root login; it holds copies of
      # everything else, so the same least-privilege remark applies.
      hosts:
        backup_bns_01:
          aliases:
          - backup-bns-01
          - 188.173.1.83
          hostname: 188.173.1.83
          user: root
  huawei_olts:
    description: Huawei OLT access equipment with interactive password auth
    default_jump: j1
    # E-mail style account (matches the '*.olt' rule in
    # company_managed.match_defaults). This is one of the groups that actually
    # needs PasswordAuthentication and, presumably, the legacy algorithms in
    # ssh_options — scope those here instead of globally. How the renderer
    # handles auth: password_interactive is not visible in this file.
    defaults:
      user: bogdan.timofte@next-gen.ro
      port: 22
      auth: password_interactive
    hosts:
      pascani_olt:
        aliases:
        - pascani.olt
        hostname: pascani.olt
      radauti_olt:
        aliases:
        - radauti.olt
        - 10.132.96.50
        hostname: radauti.olt
  cisco_routers:
    description: Cisco and similar managed devices with interactive password auth
    default_jump: j1
    # Personal account, port 22, password-interactive — consistent with the
    # '*.dr0?' / '*.as??' / '*.ds0?' / '*.cr01' / '*.tv01' rule in
    # company_managed.match_defaults. tacacs1/tacacs2 exist in that file
    # section, so presumably these logins are AAA-backed per user — confirm.
    # This group is one of the legitimate consumers of the legacy ssh_options;
    # scope them here rather than globally.
    defaults:
      user: bogdan.timofte
      port: 22
      auth: password_interactive
    hosts:
      pascani_headend_cr01:
        aliases:
        - pascani.headend.cr01
        - 10.132.0.97
        hostname: pascani.headend.cr01
      buhusi_headend_as01:
        aliases:
        - buhusi.headend.as01
        - 10.132.128.11
        hostname: buhusi.headend.as01
      buhusi_headend_as02:
        aliases:
        - buhusi.headend.as02
        - 10.132.128.12
        hostname: buhusi.headend.as02
      buhusi_headend_as03:
        aliases:
        - buhusi.headend.as03
        - 10.132.128.13
        hostname: buhusi.headend.as03
      buhusi_headend_as04:
        aliases:
        - buhusi.headend.as04
        - 10.132.128.14
        hostname: buhusi.headend.as04
      buhusi_headend_as05:
        aliases:
        - buhusi.headend.as05
        - 10.132.128.15
        hostname: buhusi.headend.as05
      buhusi_headend_dr01:
        aliases:
        - buhusi.headend.dr01
        - 10.132.128.1
        hostname: buhusi.headend.dr01
      buhusi_headend_ds02:
        aliases:
        - buhusi.headend.ds02
        - 10.132.128.5
        hostname: buhusi.headend.ds02
      falticeni_headend_dr01:
        aliases:
        - falticeni.headend.dr01
        - 10.132.64.1
        hostname: falticeni.headend.dr01
      falticeni_headend_ds02:
        aliases:
        - falticeni.headend.ds02
        - 10.132.64.5
        hostname: falticeni.headend.ds02
      falticeni_headend_ds04:
        aliases:
        - falticeni.headend.ds04
        - 10.132.64.7
        hostname: falticeni.headend.ds04
      pascani_headend_as01:
        aliases:
        - pascani.headend.as01
        - 10.132.0.5
        hostname: pascani.headend.as01
      pascani_headend_dr01:
        aliases:
        - pascani.headend.dr01
        - 10.132.0.1
        hostname: pascani.headend.dr01
      pascani_headend_dr02:
        aliases:
        - pascani.headend.dr02
        - 10.132.0.100
        hostname: pascani.headend.dr02
      pascani_headend_dr03:
        aliases:
        - pascani.headend.dr03
        - 10.132.0.99
        hostname: pascani.headend.dr03
      pascani_headend_ds01:
        aliases:
        - pascani.headend.ds01
        - 10.132.0.3
        hostname: pascani.headend.ds01
      pascani_headend_tv01:
        aliases:
        - pascani.headend.tv01
        - 10.132.0.101
        hostname: pascani.headend.tv01
      radauti_headend_as01:
        aliases:
        - radauti.headend.as01
        - 10.132.96.11
        hostname: radauti.headend.as01
      # 172.30.255.101 — a different range from every other device in this
      # group (10.132.x.x); possibly a management VLAN, confirm.
      radauti_headend_dr01:
        aliases:
        - radauti.headend.dr01
        - 172.30.255.101
        hostname: radauti.headend.dr01
      tg_frumos_headend_as01:
        aliases:
        - tg_frumos.headend.as01
        - 10.132.32.11
        hostname: tg_frumos.headend.as01
      tg_frumos_headend_dr01:
        aliases:
        - tg_frumos.headend.dr01
        - 10.132.32.1
        hostname: tg_frumos.headend.dr01
      tg_frumos_headend_ds01:
        aliases:
        - tg_frumos.headend.ds01
        - 10.132.32.3
        hostname: tg_frumos.headend.ds01
  network_switches:
    description: DCN switches with interactive password auth
    default_jump: j1
    # Same access model as cisco_routers: personal account, port 22,
    # password-interactive. The "*-psw-*" hostnames are not covered by any
    # company_managed.match_defaults pattern, so this defaults: map is what
    # sets user/port for them — presumably; confirm.
    defaults:
      user: bogdan.timofte
      port: 22
      auth: password_interactive
    hosts:
      buhusi_psw_010:
        aliases:
        - buhusi-psw-010
        - 10.132.128.20
        hostname: buhusi-psw-010
      buhusi_psw_011:
        aliases:
        - buhusi-psw-011
        - 10.132.128.21
        hostname: buhusi-psw-011
      buhusi_psw_012:
        aliases:
        - buhusi-psw-012
        - 10.132.128.22
        hostname: buhusi-psw-012
      buhusi_psw_013:
        aliases:
        - buhusi-psw-013
        - 10.132.128.23
        hostname: buhusi-psw-013
      buhusi_psw_014:
        aliases:
        - buhusi-psw-014
        - 10.132.128.24
        hostname: buhusi-psw-014
      buhusi_silistea_psw_001:
        aliases:
        - buhusi.silistea.psw-001
        - 10.132.128.50
        hostname: buhusi.silistea.psw-001
      falticeni_psw_110:
        aliases:
        - falticeni-psw-110
        - 10.132.64.20
        hostname: falticeni-psw-110
      radauti_headend_ag001:
        aliases:
        - radauti.headend.ag001
        - 10.132.96.12
        hostname: radauti.headend.ag001
  mikrotik_routers:
    description: MikroTik CRS/CCR equipment with interactive password auth
    default_jump: j1
    defaults:
      # NOTE(review): the built-in "admin" account, shared and password-only,
      # on every MikroTik — the only group in this file that does not use a
      # personal account. No per-user accountability and one password for the
      # whole PPPoE/edge layer. Per-user accounts (tacacs1/tacacs2 exist in
      # company_managed.match_defaults, so AAA appears to be available) and a
      # disabled or renamed admin are the fix.
      user: admin
      # Non-default port; the cisco/huawei/switch groups use 22.
      port: 24
      auth: password_interactive
    hosts:
      buhusi_mikrotik_dr01:
        aliases:
        - buhusi.mikrotik.dr01
        - 10.132.128.110
        hostname: buhusi.mikrotik.dr01
      buhusi_mikrotik_ds01:
        aliases:
        - buhusi.mikrotik.ds01
        - 10.132.128.100
        hostname: buhusi.mikrotik.ds01
      buhusi_mikrotik_pppoe01:
        aliases:
        - buhusi.mikrotik.pppoe01
        - 10.132.128.111
        hostname: buhusi.mikrotik.pppoe01
      buhusi_mikrotik_pppoe02:
        aliases:
        - buhusi.mikrotik.pppoe02
        - 10.132.128.112
        hostname: buhusi.mikrotik.pppoe02
      falticeni_mikrotik_dr01:
        aliases:
        - falticeni.mikrotik.dr01
        - 10.132.64.110
        hostname: falticeni.mikrotik.dr01
      falticeni_mikrotik_ds01:
        aliases:
        - falticeni.mikrotik.ds01
        - 10.132.64.100
        hostname: falticeni.mikrotik.ds01
      falticeni_mikrotik_pppoe1:
        aliases:
        - falticeni.mikrotik.pppoe1
        - 10.132.64.111
        hostname: falticeni.mikrotik.pppoe1
      falticeni_mikrotik_pppoe2:
        aliases:
        - falticeni.mikrotik.pppoe2
        - 10.132.64.112
        hostname: falticeni.mikrotik.pppoe2
      pascani_mikrotik_pppoe1:
        aliases:
        - pascani.mikrotik.pppoe1
        - 10.132.0.111
        hostname: pascani.mikrotik.pppoe1
      pascani_mikrotik_pppoe2:
        aliases:
        - pascani.mikrotik.pppoe2
        - 10.132.0.112
        hostname: pascani.mikrotik.pppoe2
      radauti_mikrotik_pppoe1:
        aliases:
        - radauti.mikrotik.pppoe1
        - 10.132.96.111
        hostname: radauti.mikrotik.pppoe1
      radauti_mikrotik_pppoe2:
        aliases:
        - radauti.mikrotik.pppoe2
        - 10.132.96.112
        hostname: radauti.mikrotik.pppoe2
      tg_frumos_mikrotik_dr01:
        aliases:
        - tg_frumos.mikrotik.dr01
        # NOTE(review): the only address for this router is public
        # (94.53.170.1; its siblings list 10.132.x.x). Combined with the shared
        # admin/password login above, confirm that SSH on this address is
        # filtered to the jump hosts.
        - 94.53.170.1
        hostname: tg_frumos.mikrotik.dr01
      tg_frumos_mikrotik_pppoe1:
        aliases:
        - tg_frumos.mikrotik.pppoe1
        - 10.132.32.111
        hostname: tg_frumos.mikrotik.pppoe1