
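---
# Example: Basic NetBird Setup
#
# This playbook demonstrates basic NetBird configuration through the NetBird
# management API. It runs entirely on the controller (localhost) and creates:
#   - two peer groups ("developers" and "servers"),
#   - a reusable setup key that enrols new peers into "servers",
#   - a policy letting developers reach servers on a few TCP ports,
#   - two routed networks (a CIDR range and internal DNS names).
#
# Security notes:
#   - The API token comes from the NETBIRD_API_TOKEN environment variable;
#     use ansible-vault or a secrets lookup in production and never commit it.
#     Module arguments (including api_token) can show up in verbose (-v)
#     output unless the module marks them no_log; add `no_log: true` to the
#     tasks below if that is a concern for your job logs.
#   - The setup key is an enrollment secret: anyone holding it can join peers
#     to the network, straight into the "servers" group that the policy below
#     exposes to developers. The task that creates it is marked no_log, and the
#     key value is only printed when netbird_show_setup_key is set to true.
- name: Configure NetBird Infrastructure
  hosts: localhost
  connection: local
  gather_facts: false

  vars:
    netbird_api_url: "https://netbird.example.com"
    # Use ansible-vault for the token in production
    netbird_api_token: "{{ lookup('env', 'NETBIRD_API_TOKEN') }}"
    # Peer IDs of the gateways that route the networks created below.
    # Replace the placeholders with real peer IDs; the first task refuses to
    # continue while they are unchanged.
    netbird_gateway_peer_id: "gateway-peer-id"
    netbird_dns_gateway_peer_id: "dns-gateway-peer-id"
    # Opt-in (e.g. -e netbird_show_setup_key=true) to print the new setup key.
    # Off by default because whatever debug prints ends up in logs.
    netbird_show_setup_key: false

  tasks:
    - name: Check that the token and gateway peer IDs are set
      ansible.builtin.assert:
        that:
          # lookup('env') yields an empty string when the variable is unset
          - netbird_api_token | length > 0
          - netbird_gateway_peer_id != 'gateway-peer-id'
          - netbird_dns_gateway_peer_id != 'dns-gateway-peer-id'
        fail_msg: >-
          Export NETBIRD_API_TOKEN and replace the placeholder gateway peer
          IDs in vars before running this playbook.
        quiet: true

    - name: Gather current NetBird information
      community.ansible_netbird.netbird_info:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        resource: current_user
      register: current_user

    - name: Display current user
      ansible.builtin.debug:
        msg: "Connected as: {{ current_user.data.email }}"

    - name: Create a group for developers
      community.ansible_netbird.netbird_group:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "developers"
        state: present
      register: developers_group

    - name: Create a group for servers
      community.ansible_netbird.netbird_group:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "servers"
        state: present
      register: servers_group

    - name: Create a setup key for new servers
      community.ansible_netbird.netbird_setup_key:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "server-enrollment"
        # A reusable key enrols any number of peers until it expires; keep the
        # lifetime short and rotate it instead of extending it.
        key_type: "reusable"
        expires_in: 604800  # 7 days
        # Peers enrolled with this key land in "servers" and are therefore
        # reachable under the developers-to-servers policy below.
        auto_groups:
          - "{{ servers_group.group.id }}"
        state: present
      register: server_key
      # The registered result contains the key itself; keep it out of the
      # task output, callbacks and logs.
      no_log: true

    - name: Display the setup key
      ansible.builtin.debug:
        msg: "Server setup key: {{ server_key.setup_key.key | default('Already exists') }}"
      # Only right after creation, and only on explicit request (see vars).
      when:
        - server_key.changed
        - netbird_show_setup_key | bool

    - name: Create a policy allowing developers to access servers
      community.ansible_netbird.netbird_policy:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "developers-to-servers"
        description: "Allow developers to access servers"
        enabled: true
        rules:
          # Despite the rule name this covers SSH, HTTPS and 8080; trim the
          # port list to what developers actually need.
          - name: "developers-ssh-access"
            sources:
              - "{{ developers_group.group.id }}"
            destinations:
              - "{{ servers_group.group.id }}"
            # One-way: developers initiate to servers, not the reverse
            bidirectional: false
            protocol: "tcp"
            ports:
              - "22"
              - "443"
              - "8080"
            action: "accept"
        state: present

    # Network Routing Examples
    - name: Create internal network with routing
      community.ansible_netbird.netbird_network:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "internal-network"
        description: "Route to internal resources"
        routers:
          - peer: "{{ netbird_gateway_peer_id }}"
            metric: 100
            # masquerade hides peer addresses behind the gateway (source NAT)
            masquerade: true
        resources:
          - address: "172.16.0.0/16"
            name: "internal-range"
            description: "All internal IP addresses"
            # Only developers get this route; note it exposes the whole /16
            groups:
              - "{{ developers_group.group.id }}"
        state: present
      register: internal_network

    - name: Create network with domain-based routing
      community.ansible_netbird.netbird_network:
        api_url: "{{ netbird_api_url }}"
        api_token: "{{ netbird_api_token }}"
        name: "internal-services"
        description: "Route traffic to internal domains"
        routers:
          - peer: "{{ netbird_dns_gateway_peer_id }}"
            metric: 100
            masquerade: true
        resources:
          # Route specific domain
          - address: "gitlab.internal.example.com"
            name: "gitlab"
            groups:
              - "{{ developers_group.group.id }}"
          # Route all subdomains with wildcard (keep it quoted: a bare
          # leading '*' is read by YAML as an alias)
          - address: "*.internal.example.com"
            name: "internal-subdomains"
            description: "All internal subdomains"
            groups:
              - "{{ developers_group.group.id }}"
        state: present
      register: services_network

    - name: Display network info
      ansible.builtin.debug:
        msg: "Created networks: {{ internal_network.network.name }}, {{ services_network.network.name }}"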