From fc76317aecab00a64861ad807f24f3ab5d18ca29 Mon Sep 17 00:00:00 2001 From: shirenn <shirenn@crans.org> Date: Sat, 6 Feb 2021 19:26:57 +0100 Subject: [PATCH] [oldinfra] cleanup --- re2o.yml | 27 +--------- roles/re2o-firewall-gulp/tasks/main.yml | 8 --- .../firewall/firewall_config.py.j2 | 41 --------------- roles/re2o-firewall-ipv6-zayo/tasks/main.yml | 8 --- .../firewall/firewall_config.py.j2 | 15 ------ roles/re2o-firewall-odlyd/tasks/main.yml | 8 --- .../firewall/firewall_config.py.j2 | 41 --------------- roles/re2o-firewall-routeur/tasks/main.yml | 8 --- .../firewall/firewall_config.py.j2 | 52 ------------------- 9 files changed, 1 insertion(+), 207 deletions(-) delete mode 100644 roles/re2o-firewall-gulp/tasks/main.yml delete mode 100644 roles/re2o-firewall-gulp/templates/re2o-services/firewall/firewall_config.py.j2 delete mode 100644 roles/re2o-firewall-ipv6-zayo/tasks/main.yml delete mode 100644 roles/re2o-firewall-ipv6-zayo/templates/re2o-services/firewall/firewall_config.py.j2 delete mode 100644 roles/re2o-firewall-odlyd/tasks/main.yml delete mode 100644 roles/re2o-firewall-odlyd/templates/re2o-services/firewall/firewall_config.py.j2 delete mode 100644 roles/re2o-firewall-routeur/tasks/main.yml delete mode 100644 roles/re2o-firewall-routeur/templates/re2o-services/firewall/firewall_config.py.j2 diff --git a/re2o.yml b/re2o.yml index 44f085d7..20952aba 100755 --- a/re2o.yml +++ b/re2o.yml 
@@ -18,36 +18,16 @@ roles: - re2o-dns -# Deploy re2o home service on nfs server -- hosts: zbee.adm.crans.org - roles: - - re2o-home - # Deploy re2o notif-users service on zamok - hosts: zamok.adm.crans.org roles: - re2o-notif-users -# Deploy re2o dhcp on dhcp servers -- hosts: odlyd.adm.crans.org,dhcp.adm.crans.org - roles: - - re2o-dhcp - # Deploy re2o firewall on servers -- hosts: gulp.adm.crans.org,odlyd.adm.crans.org,ipv6-zayo.adm.crans.org,zamok.adm.crans.org,routeur.adm.crans.org +- hosts: zamok.adm.crans.org roles: - re2o-firewall -# Re2o firewall specific configuration for gulp -- hosts: gulp.adm.crans.org - roles: - - re2o-firewall-gulp - -# Re2o firewall specific configuration for odlyd -- hosts: odlyd.adm.crans.org - roles: - - re2o-firewall-odlyd - # Re2o firewall specific configuration for ipv6-zayo - hosts: ipv6-zayo.adm.crans.org roles: @@ -58,11 +38,6 @@ roles: - re2o-firewall-zamok -# Re2o firewall specific configuration for routeur -- hosts: routeur.adm.crans.org - roles: - - re2o-firewall-routeur - # Deploy re2o mail-server on MTA and MDA - hosts: titanic.adm.crans.org,sputnik.adm.crans.org roles: diff --git a/roles/re2o-firewall-gulp/tasks/main.yml b/roles/re2o-firewall-gulp/tasks/main.yml deleted file mode 100644 index 056f604b..00000000 --- a/roles/re2o-firewall-gulp/tasks/main.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Deploy firewall configuration for gulp - template: - src: re2o-services/firewall/firewall_config.py.j2 - dest: /var/local/re2o-services/firewall/firewall_config.py - mode: '644' - owner: root - group: root diff --git a/roles/re2o-firewall-gulp/templates/re2o-services/firewall/firewall_config.py.j2 b/roles/re2o-firewall-gulp/templates/re2o-services/firewall/firewall_config.py.j2 deleted file mode 100644 index 7c8cd0db..00000000 --- a/roles/re2o-firewall-gulp/templates/re2o-services/firewall/firewall_config.py.j2 +++ /dev/null 
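Review bot: The play `# Re2o firewall specific configuration for ipv6-zayo` / `- hosts: ipv6-zayo.adm.crans.org` is kept as trailing context of the first re2o.yml hunk, yet this commit deletes `roles/re2o-firewall-ipv6-zayo/` (tasks and template) and drops ipv6-zayo from the hosts of the base `re2o-firewall` play. The play's role entry falls between the two hunks and is not visible here, but if it still reads `- re2o-firewall-ipv6-zayo`, the playbook references a role that no longer exists and Ansible will most likely refuse to load it. I would delete that play in this commit as well (its comment, the `- hosts:` line, `roles:` and the role entry), or keep the role if ipv6-zayo is still in service. Since the removed hosts were packet filters, it is also worth confirming they are really powered off rather than left running the last deployed `firewall_config.py` unmanaged.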
@@ -1,41 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-{{ ansible_header | comment }}
-
-### Give me a role
-
-role = ['routeur4']
-
-
-### Specify each interface role
-
-interfaces_type = {
- 'routable' : ['eno1.1', 'ens1f0.21', 'ens1f0.22', 'ens1f0.23', 'ens1f0.24'],
- 'sortie' : ['ens1f0.26', 'ens1f0.1132'],
- 'admin' : ['eno1.2', 'eno1.3'],
- '6in4' : [('ens1f0.23', 'ens1f0.26')]
-}
-
-### Specify nat settings: name, interfaces with range, and global range for nat
-### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
-### contain /16 range
-
-nat = [
- {
- 'name' : 'Wifi',
- 'interfaces_ip_to_nat' : {
- 'ens1f0.26' : '185.230.76.0/24',
- 'eno1.1' : '138.231.144.0/24',
- 'ens1f0.1132' : '138.231.144.0/24',
- },
- 'ip_sources' : '10.53.0.0/16'
- },
- {
- 'name' : 'Filaire',
- 'interfaces_ip_to_nat' : {
- 'ens1f0.26' : '185.230.77.0/24',
- 'eno1.1' : '138.231.145.0/24',
- 'ens1f0.1132' : '138.231.145.0/24',
- },
- 'ip_sources' : '10.54.0.0/16'
- }
-]
diff --git a/roles/re2o-firewall-ipv6-zayo/tasks/main.yml b/roles/re2o-firewall-ipv6-zayo/tasks/main.yml
deleted file mode 100644
index b002e58b..00000000
--- a/roles/re2o-firewall-ipv6-zayo/tasks/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Deploy firewall configuration for ipv6-zayo
- template:
- src: re2o-services/firewall/firewall_config.py.j2
- dest: /var/local/re2o-services/firewall/firewall_config.py
- mode: '644'
- owner: root
- group: root
diff --git a/roles/re2o-firewall-ipv6-zayo/templates/re2o-services/firewall/firewall_config.py.j2 b/roles/re2o-firewall-ipv6-zayo/templates/re2o-services/firewall/firewall_config.py.j2
deleted file mode 100644
index bba22b62..00000000
--- a/roles/re2o-firewall-ipv6-zayo/templates/re2o-services/firewall/firewall_config.py.j2
+++ /dev/null
@@ -1,15 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-{{ ansible_header | comment }}
-
-### Give me a role
-
-role = ['routeur6']
-
-
-### Specify each interface role
-
-interfaces_type = {
- 'routable' : ['ens18', 'ens20', 'ens21', 'ens1', 'ens2'],
- 'sortie' : ['ens22'],
- 'admin' : ['ens19', 'ens23']
-}
diff --git a/roles/re2o-firewall-odlyd/tasks/main.yml b/roles/re2o-firewall-odlyd/tasks/main.yml
deleted file mode 100644
index fbdf1a66..00000000
--- a/roles/re2o-firewall-odlyd/tasks/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Deploy firewall configuration for odlyd
- template:
- src: re2o-services/firewall/firewall_config.py.j2
- dest: /var/local/re2o-services/firewall/firewall_config.py
- mode: '644'
- owner: root
- group: root
diff --git a/roles/re2o-firewall-odlyd/templates/re2o-services/firewall/firewall_config.py.j2 b/roles/re2o-firewall-odlyd/templates/re2o-services/firewall/firewall_config.py.j2
deleted file mode 100644
index 3cf5f8a3..00000000
--- a/roles/re2o-firewall-odlyd/templates/re2o-services/firewall/firewall_config.py.j2
+++ /dev/null
@@ -1,41 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-{{ ansible_header | comment }}
-
-### Give me a role
-
-role = ['routeur4']
-
-
-### Specify each interface role
-
-interfaces_type = {
- 'routable' : ['eth0.1', 'ens1f0.21', 'ens1f0.22', 'ens1f0.23', 'ens1f0.24'],
- 'sortie' : ['ens1f0.26', 'ens1f0.1132'],
- 'admin' : ['eth0.2', 'eth0.3', 'eth0.9', 'eth0.7', 'eth0.4'],
- '6in4' : [('ens1f0.23', 'ens1f0.26')]
-}
-
-### Specify nat settings: name, interfaces with range, and global range for nat
-### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST
-### contain /16 range
-
-nat = [
- {
- 'name' : 'Wifi',
- 'interfaces_ip_to_nat' : {
- 'ens1f0.26' : '185.230.76.0/24',
- 'eth0.1' : '138.231.144.0/24',
- 'ens1f0.1132' : '138.231.144.0/24',
- },
- 'ip_sources' : '10.53.0.0/16'
- },
- {
- 'name' : 'Filaire',
- 'interfaces_ip_to_nat' : {
- 'ens1f0.26' : '185.230.77.0/24',
- 'eth0.1' : '138.231.145.0/24',
- 'ens1f0.1132' : '138.231.145.0/24',
- },
- 'ip_sources' : '10.54.0.0/16'
- }
-]
diff --git a/roles/re2o-firewall-routeur/tasks/main.yml b/roles/re2o-firewall-routeur/tasks/main.yml
deleted file mode 100644
index 0ccef3db..00000000
--- a/roles/re2o-firewall-routeur/tasks/main.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-- name: Deploy firewall configuration for routeur
- template:
- src: re2o-services/firewall/firewall_config.py.j2
- dest: /var/local/re2o-services/firewall/firewall_config.py
- mode: '644'
- owner: root
- group: root
diff --git a/roles/re2o-firewall-routeur/templates/re2o-services/firewall/firewall_config.py.j2 b/roles/re2o-firewall-routeur/templates/re2o-services/firewall/firewall_config.py.j2
deleted file mode 100644
index 12dca11a..00000000
--- a/roles/re2o-firewall-routeur/templates/re2o-services/firewall/firewall_config.py.j2
+++ /dev/null
@@ -1,52 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-{{ ansible_header | comment }}
-
-### Give me a role
-
-role = ['portail']
-
-
-### Specify each interface role
-
-interfaces_type = {
- 'routable' : ['ens20', 'ens21'],
- 'sortie' : ['ens18'],
- 'admin' : ['ens19']
-}
-
-portail = {
- 'autorized_hosts' : {
- 'tcp' : {
- '138.231.136.12' : ['22'],
- '138.231.136.98' : ['20', '21', '80', '111', '1024:65535'],
- '138.231.136.145' : ['80', '443'],
- '213.154.225.236' : ['80', '443'],
- '213.154.225.237' : ['80', '443'],
- '172.217.18.197' : ['80', '443'], #gmail addresses
- '108.177.15.83' : ['80', '443'],
- '108.177.15.18' : ['80', '443'],
- '108.177.15.17' : ['80', '443'],
- '108.177.15.19' : ['80', '443'],
- '172.217.18.205' : ['80', '443'], #accounts google
- '172.217.18.195' : ['80', '443'],
- '46.255.53.35' : ['80', '443'],
- '46.255.53.17' : ['80', '443'],
- '0.0.0.0/0' : ['143', '220', '993']
- },
- 'udp' : {
- '138.231.136.98' : ['69', '1024:65535']
- }
- },
- 'ip_redirect' : {
- '10.51.0.0/16' : {
- 'tcp' : {
- '138.231.136.145' : ['80', '443']
- }
- },
- '10.52.0.0/16' : {
- 'tcp' : {
- '138.231.136.145' : ['80', '443']
- }
- }
- }
-}
--
GitLab