From 2c00b9be594995cc9e092ccbac21accf39e6fe44 Mon Sep 17 00:00:00 2001
From: vincent
Date: Sat, 27 Jan 2024 09:34:39 +0100
Subject: [PATCH] feat: redirect all cluster traffic on wirequard
---
 ansible/group_vars/all/all | 1 +
 ansible/host_vars/corwin | 6 ++++--
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/ansible/group_vars/all/all b/ansible/group_vars/all/all
index e86e311..0bc275a 100644
--- a/ansible/group_vars/all/all
+++ b/ansible/group_vars/all/all
@@ -4,3 +4,4 @@ system_arch_local_mirror: "https://arch.{{domain.name}}/repo/archlinux_$arch"
 system_sudoers_group: "serverAdmin"
 system_ipV6_disable: True
 system_ip_unprivileged_port_start: 0
+wireguard_mtu: 1420
diff --git a/ansible/host_vars/corwin b/ansible/host_vars/corwin
index e69609f..ce2a222 100644
--- a/ansible/host_vars/corwin
+++ b/ansible/host_vars/corwin
@@ -1,10 +1,12 @@
 ---
 ansible_host: 10.0.0.1
-
+#ansible_host: 135.181.150.203
 wireguard_address: "10.0.0.1/24"
 wireguard_endpoint: "135.181.150.203"
 wireguard_persistent_keepalive: "20"
-wireguard_allowed_ips: "10.0.0.1/32,10.0.0.3/32,10.0.0.5/32"
+wireguard_byhost_allowed_ips:
+ gerard: 10.0.0.1,10.0.0.3,10.0.0.5
+wireguard_allowed_ips: "0.0.0.0/0"
 wireguard_postup:
 - iptables -A FORWARD -o %i -j ACCEPT
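Review bot: The new `wireguard_mtu: 1420` in ansible/group_vars/all/all is set for every host with no comment on where the figure comes from or when it must be lowered. 1420 is the usual WireGuard value for a 1500-byte underlay (80 bytes of tunnel overhead in the IPv6 worst case). Since the commit subject says all cluster traffic now goes through the tunnel, a host whose path MTU is smaller could see large packets stall if ICMP fragmentation-needed messages are filtered. I would add `# 1500-byte underlay minus 80 bytes of WireGuard overhead; override in host_vars where the path MTU is smaller` above the line. The role that consumes the variable is not visible in this patch, so it is worth confirming the value is actually applied to the interface.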