From 83d52d6c85cff8dd91d3ed6c6afd5947c5ded851 Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Wed, 19 Aug 2020 16:05:50 +0200
Subject: [PATCH] [firewall] Deploy firewall on gulp

---
 host_vars/gulp.adm.crans.org.yml           | 3 +++
 host_vars/routeur-daniel.adm.crans.org.yml | 2 ++
 host_vars/routeur-sam.adm.crans.org.yml    | 2 ++
 hosts                                      | 1 +
 plays/firewall.yml                         | 4 ++--
 roles/firewall/tasks/main.yml              | 1 +
 6 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/host_vars/gulp.adm.crans.org.yml b/host_vars/gulp.adm.crans.org.yml
index 6289c701..cc5c83dd 100644
--- a/host_vars/gulp.adm.crans.org.yml
+++ b/host_vars/gulp.adm.crans.org.yml
@@ -7,6 +7,9 @@ interfaces:
   wifi_new: ens1f0.22
   zayo: ens1f0.26
 
+firewall:
+  version: gulp
+
 loc_keepalived:
   instances:
     - name: router
diff --git a/host_vars/routeur-daniel.adm.crans.org.yml b/host_vars/routeur-daniel.adm.crans.org.yml
index 284bf31a..c3d4db4a 100644
--- a/host_vars/routeur-daniel.adm.crans.org.yml
+++ b/host_vars/routeur-daniel.adm.crans.org.yml
@@ -7,6 +7,8 @@ interfaces:
   adh: ens22
   adh_nat: ens23
 
+firewall:
+  version: HEAD
 
 loc_keepalived:
   instances:
diff --git a/host_vars/routeur-sam.adm.crans.org.yml b/host_vars/routeur-sam.adm.crans.org.yml
index 9c76a958..ea5639d5 100644
--- a/host_vars/routeur-sam.adm.crans.org.yml
+++ b/host_vars/routeur-sam.adm.crans.org.yml
@@ -8,6 +8,8 @@ interfaces:
   adh_nat: ens23
   srv_old: ens1
 
+firewall:
+  version: HEAD
 
 loc_keepalived:
   instances:
diff --git a/hosts b/hosts
index 0d5280dc..a4c03b0c 100644
--- a/hosts
+++ b/hosts
@@ -69,6 +69,7 @@ tealc.adm.crans.org
 sam.adm.crans.org
 daniel.adm.crans.org
 jack.adm.crans.org
+gulp.adm.crans.org
 
 [crans_vm]
 voyager.adm.crans.org
diff --git a/plays/firewall.yml b/plays/firewall.yml
index 720c2f97..75a2f071 100755
--- a/plays/firewall.yml
+++ b/plays/firewall.yml
@@ -10,7 +10,7 @@
     - arp-proxy
 
 # Deploy firewall
-- hosts: crans_routeurs
+- hosts: crans_routeurs,gulp.adm.crans.org
   vars:
     re2o:
       server: re2o.adm.crans.org
@@ -20,7 +20,7 @@
     - firewall
 
 # Deploy BGP server configuration on IPv4 routers
-- hosts: crans_routeurs
+- hosts: crans_routeurs,gulp.adm.crans.org
   vars:
     zebra:
       password: "{{ vault_zebra_password }}"
diff --git a/roles/firewall/tasks/main.yml b/roles/firewall/tasks/main.yml
index b5801290..1d4879ec 100644
--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@@ -31,6 +31,7 @@
 - name: Clone firewall repository
   git:
     repo: 'http://gitlab.adm.crans.org/nounous/firewall.git'
+    version: "{{ firewall.version }}"
     dest: /var/local/firewall
     umask: '002'
 
-- 
GitLab