Change DNS in default, change tagged port 4

metal-stack · Oct 21, 2024 · bb9ca3f · bb9ca3f
1 parent 0f2e342
commit bb9ca3f
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 2 deletions.
diff --git a/partition/roles/mgmt-firewall/README.md b/partition/roles/mgmt-firewall/README.md
@@ -45,6 +45,13 @@ Drop invalid packets On
    - Masquerading: on
    - MSS clamping: on
 
+### VLAN
+
+Vlan 1 is tagged the port 4
+Vlan 2 is tagged the port 5 (WAN)
+
+Other Vlans can be configured dynamically.
+
 ### BGP
 
 BGP peer is hardcoded right now to be named mgmtsrv, the IP and AS can be configured dynamically.

diff --git a/partition/roles/mgmt-firewall/tasks/main.yaml b/partition/roles/mgmt-firewall/tasks/main.yaml
@@ -135,7 +135,8 @@
     uci set network.wan.ipaddr='{{mgmt_firewall_interfaces.mgmt_firewall_wan.default.ip_adress}}'
     uci set network.wan.netmask='{{mgmt_firewall_interfaces.mgmt_firewall_wan.default.net_mask}}'
     uci set network.wan.gateway='{{mgmt_firewall_interfaces.mgmt_firewall_wan.default.gateway}}'
-    uci set network.wan.dns='1.1.1.1' '1.0.0.1'
+    uci add_list network.wan.dns='1.1.1.1' 
+    uci add_list network.wan.dns='1.0.0.1'
     uci set network.wan.peerdns='0'
     uci set network.wan.proto='static'
     uci commit network
@@ -242,7 +243,7 @@
 
 - name: Setup static VLANs (VLAN 1 and 2)
   ansible.builtin.raw: |
-    uci set network.@switch_vlan[0].ports='0t 4t'
+    uci set network.@switch_vlan[0].ports='0t 4'
     uci set network.@switch_vlan[1].ports='0t 5t'
     uci commit network