From e7ed329bd81c2273c03e94c93c9ce9c1d01cdc86 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan"
Date: Sat, 1 Apr 2017 04:53:28 +0200
Subject: Initial import
---
vm/vagrant-router/Vagrantfile | 35 +++++++++++++++++++++++++++++++++++
vm/vagrant-router/inventory.erb | 2 ++
vm/vagrant-router/rebuild.sh | 5 +++++
vm/vagrant-router/router.yml | 16 ++++++++++++++++
4 files changed, 58 insertions(+)
create mode 100644 vm/vagrant-router/Vagrantfile
create mode 100644 vm/vagrant-router/inventory.erb
create mode 100755 vm/vagrant-router/rebuild.sh
create mode 100644 vm/vagrant-router/router.yml
(limited to 'vm')
diff --git a/vm/vagrant-router/Vagrantfile b/vm/vagrant-router/Vagrantfile
new file mode 100644
index 0000000..6e39ae0
--- /dev/null
+++ b/vm/vagrant-router/Vagrantfile
@@ -0,0 +1,35 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+ config.vm.define "ipekatrinrouter" do |node|
+ node.vm.box = "centos/7"
+ node.vm.hostname = "ipekatrinrouter"
+ node.vm.network "public_network", bridge: "br0", ip: "141.52.64.15", netmask: "255.255.254.0"
+ node.vm.network "public_network", bridge: "br0", ip: "141.52.64.17", netmask: "255.255.254.0"
+ node.vm.network "public_network", bridge: "br0", ip: "192.168.26.254"
+
+ node.vm.provision "shell", run: "always", inline: "( ip addr show | grep 64.15 ) || ifcfg eth1 141.52.64.15/23"
+ node.vm.provision "shell", run: "always", inline: "( ip addr show | grep 64.17 ) || ifcfg eth2 141.52.64.17/23"
+ node.vm.provision "shell", run: "always", inline: "( ip addr show | grep 192.168.26 ) || ifcfg eth3 192.168.26.254"
+ node.vm.provision "shell", run: "always", inline: "chmod +r /etc/sysconfig/network-scripts/ifcfg-eth*"
+ node.vm.provision "shell", run: "always", inline: "chcon --reference /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth*"
+
+ node.vm.provision "shell" do |s|
+ ssh_pub_key = File.readlines("/Image/My/Private/ssh/authorized_keys").first.strip
+ s.inline = <<-SHELL
+ mkdir -p /root/.ssh/
+ echo #{ssh_pub_key} >> /root/.ssh/authorized_keys
+ SHELL
+ end
+
+ node.vm.provider "virtualbox" do |vb|
+ vb.memory = "1024"
+ vb.customize [
+ "modifyvm", :id,
+ "--audio", "none",
+ ]
+ end
+ end
+end
+
diff --git a/vm/vagrant-router/inventory.erb b/vm/vagrant-router/inventory.erb
new file mode 100644
index 0000000..c5a23d6
--- /dev/null
+++ b/vm/vagrant-router/inventory.erb
@@ -0,0 +1,2 @@
+[router]
+192.168.26.254
diff --git a/vm/vagrant-router/rebuild.sh b/vm/vagrant-router/rebuild.sh
new file mode 100755
index 0000000..cb6ed58
--- /dev/null
+++ b/vm/vagrant-router/rebuild.sh
@@ -0,0 +1,5 @@
+#vagrant destroy -f
+#vagrant up --parallel
+
+export ANSIBLE_HOST_KEY_CHECKING=False
+ansible-playbook -i inventory.erb ./router.yml
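Review bot: In vm/vagrant-router/Vagrantfile, the provisioner that installs the root key interpolates `ssh_pub_key` unquoted into a script that runs as root (`echo #{ssh_pub_key} >> /root/.ssh/authorized_keys`), so any shell metacharacter in the first line of the host-side file is interpreted by the guest shell, and each re-provision appends a duplicate entry. Escaping the value and making the append idempotent addresses both: `key = Shellwords.escape(ssh_pub_key)` and `grep -qxF -- #{key} /root/.ssh/authorized_keys 2>/dev/null || echo #{key} >> /root/.ssh/authorized_keys` (with `require "shellwords"` if it is not already loaded). `File.readlines(...).first.strip` also appears to run whenever this machine's configuration is loaded and raises if the file is missing or empty, so a guard with a clear error message would help. Because this grants direct root login on a VM bridged to public addresses, a comment stating that key-only root access is intended, plus `chmod 700 /root/.ssh` after the `mkdir`, would make the intent explicit.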
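Review bot: In vm/vagrant-router/rebuild.sh, `export ANSIBLE_HOST_KEY_CHECKING=False` turns off SSH host-key verification for a playbook that logs in as root and rewrites NAT rules, so whichever host answers on 192.168.26.254 is trusted without any check. The likely reason is that the host key changes each time the VM is rebuilt; clearing only the stale entry with `ssh-keygen -R 192.168.26.254` as part of the rebuild step, and leaving verification on, means the new key is confirmed once and every later run is still protected. The script also has no interpreter line or error handling; adding `#!/bin/sh` and `set -e` at the top would make a failed step stop the run.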
diff --git a/vm/vagrant-router/router.yml b/vm/vagrant-router/router.yml
new file mode 100644
index 0000000..68b914e
--- /dev/null
+++ b/vm/vagrant-router/router.yml
@@ -0,0 +1,16 @@
+ - name: Configure router
+ hosts: router
+ remote_user: root
+
+ tasks:
+ - name: IP Forwarding
+ sysctl: name="net.ipv4.ip_forward" value="1" sysctl_set="yes" reload="yes"
+
+ - name: DNAT / eth1
+ iptables: table="nat" chain="PREROUTING" in_interface="eth1" jump="DNAT" to_destination="192.168.26.1"
+
+ - name: DNAT / eth2
+ iptables: table="nat" chain="PREROUTING" in_interface="eth2" jump="DNAT" to_destination="192.168.26.1"
+
+ - name: SNAT
+ iptables: table="nat" chain="POSTROUTING" out_interface="eth3" jump="SNAT" to_source="192.168.26.254"
-- cgit v1.2.1
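Review bot: In vm/vagrant-router/router.yml, both DNAT tasks match every packet arriving on eth1 and eth2, with no `destination`, `protocol` or `destination_port` qualifier, so all inbound traffic on the public interfaces, including connections addressed to the router itself, is redirected to 192.168.26.1 and every service on that host becomes reachable from the public network. If only specific services are meant to be published, each rule should be narrowed, for example `destination="141.52.64.15" protocol="tcp" destination_port="<PORT>"`, with a FORWARD-chain policy that drops everything else. The SNAT task rewrites the source of everything leaving eth3 to 192.168.26.254, so logs on the internal host will show only the router's address; a comment saying this is intended would help anyone later investigating traffic there. The iptables module changes only the running rule set, so these rules will presumably be lost on reboot unless the play is re-run or the rules are saved.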