This commit is contained in:
parent
0951fbb6c7
commit
295e45e5f8
15
ansible/host_vars/gerard-dev
Normal file
15
ansible/host_vars/gerard-dev
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
wireguard_address: "10.0.1.6/24"
|
||||||
|
perrsistent_keepalive: "20"
|
||||||
|
wireguard_endpoint: ""
|
||||||
|
|
||||||
|
wireguard_postup:
|
||||||
|
- iptables -A FORWARD -i wg0 -j ACCEPT
|
||||||
|
- iptables -A FORWARD -o wg0 -j ACCEPT
|
||||||
|
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
||||||
|
wireguard_postdown:
|
||||||
|
- iptables -D FORWARD -i wg0 -j ACCEPT
|
||||||
|
- iptables -D FORWARD -o wg0 -j ACCEPT
|
||||||
|
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
37
ansible/host_vars/merlin-dev
Normal file
37
ansible/host_vars/merlin-dev
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
---
|
||||||
|
wireguard_address: "10.0.1.4/24"
|
||||||
|
wireguard_endpoint: "{{ ansible_default_ipv4.address }}"
|
||||||
|
wireguard_persistent_keepalive: "30"
|
||||||
|
|
||||||
|
wireguard_postup:
|
||||||
|
- iptables -A FORWARD -o %i -j ACCEPT
|
||||||
|
- iptables -A FORWARD -i %i -j ACCEPT
|
||||||
|
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
||||||
|
wireguard_postdown:
|
||||||
|
- iptables -D FORWARD -i %i -j ACCEPT
|
||||||
|
- iptables -D FORWARD -o %i -j ACCEPT
|
||||||
|
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
||||||
|
wireguard_unmanaged_peers:
|
||||||
|
phone:
|
||||||
|
public_key: ioG35kDFTtip+Acfq+je9qDHYbZij+J6+Pg3T6Z4N0w=
|
||||||
|
allowed_ips: 10.0.1.3/32
|
||||||
|
persistent_keepalive: 0
|
||||||
|
zen:
|
||||||
|
public_key: rYYljQw8InmM95pxCP9KyZ8R+kcicgnjr6E9qtkI1Ag=
|
||||||
|
allowed_ips: 10.0.1.5/32
|
||||||
|
persistent_keepalive: 0
|
||||||
|
consul_client_addr: "127.0.0.1 10.0.1.4"
|
||||||
|
consul_bind_address: "10.0.1.4"
|
||||||
|
consul_ui: True
|
||||||
|
consul_iface: "wg0"
|
||||||
|
nomad_bind_addr: "10.0.1.4"
|
||||||
|
nomad_host_networks:
|
||||||
|
- name: "private"
|
||||||
|
interface: wg0
|
||||||
|
- name: "public"
|
||||||
|
interface: eth0
|
||||||
|
- name: "default"
|
||||||
|
interface: wg0
|
||||||
|
vault_listener_address: 10.0.1.4
|
15
ansible/host_vars/oscar-dev
Normal file
15
ansible/host_vars/oscar-dev
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
wireguard_address: "10.0.1.2/24"
|
||||||
|
perrsistent_keepalive: "30"
|
||||||
|
wireguard_endpoint: ""
|
||||||
|
|
||||||
|
wireguard_postup:
|
||||||
|
- iptables -A FORWARD -i wg0 -j ACCEPT
|
||||||
|
- iptables -A FORWARD -o wg0 -j ACCEPT
|
||||||
|
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
|
||||||
|
wireguard_postdown:
|
||||||
|
- iptables -D FORWARD -i wg0 -j ACCEPT
|
||||||
|
- iptables -D FORWARD -o wg0 -j ACCEPT
|
||||||
|
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
||||||
|
consul_snapshot: True
|
@ -23,7 +23,7 @@
|
|||||||
scm: git
|
scm: git
|
||||||
- src: ssh://git@git.ducamps.win:2222/ansible-roles/user_config.git
|
- src: ssh://git@git.ducamps.win:2222/ansible-roles/user_config.git
|
||||||
scm: git
|
scm: git
|
||||||
- src: https://github.com/githubixx/ansible-role-wireguard.git
|
- src: git@github.com:vincentDcmps/ansible-role-wireguard.git
|
||||||
scm: git
|
scm: git
|
||||||
- src: ssh://git@git.ducamps.win:2222/ansible-roles/ansible-consul.git
|
- src: ssh://git@git.ducamps.win:2222/ansible-roles/ansible-consul.git
|
||||||
scm: git
|
scm: git
|
||||||
@ -37,3 +37,5 @@
|
|||||||
scm: git
|
scm: git
|
||||||
- src: ssh://git@git.ducamps.win:2222/ansible-roles/ansible-user.git
|
- src: ssh://git@git.ducamps.win:2222/ansible-roles/ansible-user.git
|
||||||
scm: git
|
scm: git
|
||||||
|
- src: git@github.com:vincentDcmps/ansible-role-nfs.git
|
||||||
|
scm: git
|
||||||
|
@ -8,6 +8,8 @@ merlin-dev
|
|||||||
[database]
|
[database]
|
||||||
oscar-dev
|
oscar-dev
|
||||||
|
|
||||||
|
[wireguard:children]
|
||||||
|
staging
|
||||||
|
|
||||||
[staging]
|
[staging]
|
||||||
oscar-dev
|
oscar-dev
|
||||||
|
Loading…
Reference in New Issue
Block a user