2023-08-27 09:35:56 +00:00
|
|
|
---
|
|
|
|
wireguard_address: "10.0.1.2/24"
|
|
|
|
perrsistent_keepalive: "30"
|
|
|
|
wireguard_endpoint: ""
|
|
|
|
|
|
|
|
wireguard_postup:
|
|
|
|
- iptables -A FORWARD -i wg0 -j ACCEPT
|
|
|
|
- iptables -A FORWARD -o wg0 -j ACCEPT
|
|
|
|
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
|
|
|
|
|
|
wireguard_postdown:
|
|
|
|
- iptables -D FORWARD -i wg0 -j ACCEPT
|
|
|
|
- iptables -D FORWARD -o wg0 -j ACCEPT
|
|
|
|
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
|
|
|
consul_snapshot: True
|
2023-08-27 15:06:45 +00:00
|
|
|
vault_snapshot: True
|
|
|
|
vault_backup_location: "/mnt/diskstation/git/backup/vault"
|
|
|
|
vault_roleID: "{{ lookup('hashi_vault','secret=secrets/data/ansible/hashistack:vault-snapshot_approle') }}"
|
|
|
|
vault_secretID: "{{ lookup('hashi_vault','secret=secrets/data/ansible/hashistack:vault-snapshot_secretID') }}"
|