add omada config

ansible/inventory/group_vars/all/address_book.yaml

@@ -197,6 +197,15 @@ address_book:
       ipv4_addr: 10.9.18.103
       groups:
         - unifi_devices
+    ap-patio:
+      hostname: ap-patio
+      mac_addr: 00:31:92:8a:7e:ee
+      network: mgmt
+      dhcp_client: true
+      ipv4_addr: 10.9.18.105
+      groups:
+        - tplink_eap_devices
+
     # bcs:
     #   hostname: bcs
     #   mac_addr: aa:00:02:00:24:0f
@@ -700,6 +709,8 @@ address_book:
       ipv4_addr: 10.45.10.11
     k8s_dns:
       ipv4_addr: 10.45.10.13
+    k8s_tplink_controller:
+      ipv4_addr: 10.45.10.20
     mullvad_ip:
       ipv4_addr: 198.54.132.82 
     racknerd_ip:

ansible/inventory/host_vars/fw/firewall_rules.yml

@@ -460,3 +460,17 @@ vyos_firewall_rules:
     destination:
       address-group: airplay_devices
       port: 7200-17210
+
+  accept_tplink_to_controller_udp:
+    action: accept
+    protocol: udp
+    destination:
+      address-group: k8s_tplink_controller
+      port: 29810-29813
+
+  accept_tplink_to_controller_tcp:
+    action: accept
+    protocol: tcp
+    destination:
+      address-group: k8s_tplink_controller
+      port: 29810-29813

ansible/inventory/host_vars/fw/firewall_zones.yml

@@ -256,6 +256,8 @@ vyos_firewall_zones:
           - accept_unifi_inform: null
           - accept_unifi_stun: null
           - accept_stepca_ingress_from_internal: null
+          - accept_tplink_to_controller_udp: null
+          - accept_tplink_to_controller_tcp: null
       - includeZones:
           - wireless
         default: drop

ansible/inventory/host_vars/fw/main.yml

@@ -246,7 +246,8 @@ vyos_dhcp_server:
   host-decl-name: true
   hostfile-update: true
   interfaces:
-    mgmt: true
+    mgmt:
+      subnet_parameters: "option omada-address 10.45.10.20;"
     wired:
       domain: "{{ vyos_domain }}"
     servers: