---
|
osp_default_rootfs_size: 30
|
|
opentlc_admin_pub_keys:
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3Avw03Dmh1R2QWQ4CV7JgEsXnHQjNhfppD5aZmh0q/64p6lW+2oNKTT7fVQcrsdmlJwrMd5apkUGrOcq0hHXQMEVZEKUmEjko2BqD5A9/zNX7apObW88bFFfgxc91lOT+e+wfCFsrr3b2SJ3+KL6nTBJV7Lf46i6z86vhiDPjqL7U9kTS+bK9ldU20vpn8h+ZAIaiafVWfjihUjhNpcUY46klixV1YcAkBGCbE+YR6RAAc6vWy0zB3YJnTUl9OFt213ofi1qjuWKVMmOxORxPKB4/JQ+hfAsCMysoVFnFYs10dWxaySK63OgY9uLNyaIwkEaVVIfcViRVm0DZfoNH gucore
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvZvn+GL0wTOsAdh1ikIQoqj2Fw/RA6F14O347rgKdpkgOQpGQk1k2gM8wcla2Y1o0bPIzwlNy1oh5o9uNjZDMeDcEXWuXbu0cRBy4pVRhh8a8zAZfssnqoXHHLyPyHWpdTmgIhr0UIGYrzHrnySAnUcDp3gJuE46UEBtrlyv94cVvZf+EZUTaZ+2KjTRLoNryCn7vKoGHQBooYg1DeHLcLSRWEADUo+bP0y64+X/XTMZOAXbf8kTXocqAgfl/usbYdfLOgwU6zWuj8vxzAKuMEXS1AJSp5aeqRKlbbw40IkTmLoQIgJdb2Zt98BH/xHDe9xxhscUCfWeS37XLp75J backdoor_opentlc_key
|
|
all_ssh_authorized_keys: "{{ opentlc_admin_pub_keys + [user_pub_key|d()] }}"
|
|
|
default_security_groups:
|
- name: BastionSG
|
description: >-
|
Bastion security group allows basic ICMP
|
and SSH adn Mosh ingress and egress to *
|
rules:
|
|
- name: SSHPublic
|
description: "Public Access for bastions"
|
from_port: 22
|
to_port: 22
|
protocol: tcp
|
cidr: "0.0.0.0/0"
|
rule_type: Ingress
|
|
- name: DefaultSG
|
description: >-
|
Default SG to allow ICMP and everything from bastion,
|
and from inside default SG
|
rules:
|
- name: FromBastionTCP
|
description: "Allow everything from Bastion"
|
from_port: 1
|
to_port: 65535
|
protocol: tcp
|
from_group: BastionSG
|
rule_type: Ingress
|
|
- name: FromBastionUDP
|
description: "Allow everything from Bastion"
|
from_port: 1
|
to_port: 65535
|
protocol: udp
|
from_group: BastionSG
|
rule_type: Ingress
|
|
# Environment specific security groups
|
security_groups: []
|
|
# A list of the private networks and subnets to create in the project
|
# You can create as many as you want, but at least one is required.
|
# Use the name of the networks where appropriate in the instance list
|
networks:
|
- name: default
|
shared: "false"
|
subnet_cidr: 192.168.47.0/24
|
gateway_ip: 192.168.47.1
|
allocation_start: 192.168.47.10
|
allocation_end: 192.168.47.254
|
dns_nameservers: []
|
create_router: true
|
|
# The external network in OpenStack where the floating IPs (FIPs) come from
|
provider_network: external
|
|
default_metadata:
|
owner: "{{ email | default('unknownuser') }}"
|
Project: "{{ project_tag }}"
|
guid: "{{ guid }}"
|
env_type: "{{ env_type }}"
|