wiregard on gerard and database on merlin

2022-09-09 17:33:35 +02:00 · 2022-09-09 17:33:35 +02:00 · 34544dda96
commit 34544dda96
parent 6640d1da22
6 changed files with 45 additions and 24 deletions
--- a/ansible/group_vars/VPS
+++ b/ansible/group_vars/VPS
@ -59,6 +59,29 @@ systemd_mounts:
      - vers=3.0
      - mfsymlinks
    automount: true
+  diskstation_git:
+    share: diskstation.ducamps.win:/volume2/git
+    mount: /mnt/diskstation/git
+    type: nfs
+    options:
+      - " "
+    automount: true
+  diskstation_CardDav:
+        share: diskstation.ducamps.win:/volume2/CardDav
+        mount: /mnt/diskstation/CardDav
+        type: nfs
+        options:
+            - " "
+        automount: true
+  diskstation_music:
+        share: diskstation.ducamps.win:/volume2/music
+        mount: /mnt/diskstation/music
+        type: nfs
+        options:
+            - " "
+        automount: true
+
+
 credentials_files:
  1:
      type: smb
@ -71,4 +94,6 @@ credentials_files:
 systemd_mounts_enabled:
  - diskstation_nomad
  - hetzner_storage
-
+  - diskstation_git
+  - diskstation_music
+  - diskstation_CardDav
--- a/ansible/group_vars/database
+++ b/ansible/group_vars/database
@ -26,42 +26,22 @@ postgresql_users:

 postgresql_databases:
  - name: wikijs
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: en_US.UTF-8
    owner: wikijs
  - name: ttrss
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: ttrss
  - name: gitea
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: gitea
  - name: supysonic
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: supysonic
  - name: hass
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: hass
  - name: nextcloud
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: nextcloud
  - name: vaultwarden
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: vaultwarden
  - name: drone
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: drone
  - name: dendrite
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: dendrite
  - name: paperless
-    lc_collate: fr_FR.UTF-8
-    lc_ctype: fr_FR.UTF-8
    owner: paperless
--- a/ansible/group_vars/homelab/mount
+++ b/ansible/group_vars/homelab/mount
@ -90,4 +90,3 @@ credentials_files:
        path: /etc/creds/.diskstation_credentials
        username: admin
        password: "{{ lookup('hashi_vault','secret=secrets/data/ansible/storage:diskstation_admin') }}"
-
--- a/ansible/host_vars/gerard
+++ b/ansible/host_vars/gerard
@ -1,3 +1,18 @@
 ---
 ansible_host: "192.168.1.41"
 ansible_python_interpreter: "/usr/bin/python3"
+wireguard_address: "10.0.0.5/24"
+wireguard_allowed_ips: "10.0.0.5/32,192.168.1.0/24"
+perrsistent_keepalive: "30"
+wireguard_endpoint: ""
+
+wireguard_postup:
+  - iptables -A FORWARD -i wg0 -j ACCEPT
+  - iptables -A FORWARD -o wg0 -j ACCEPT
+  - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
+
+wireguard_postdown:
+  - iptables -D FORWARD -i wg0 -j ACCEPT
+  - iptables -D FORWARD -o wg0 -j ACCEPT
+  - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE
+
--- a/ansible/host_vars/merlin
+++ b/ansible/host_vars/merlin
@ -1,5 +1,5 @@
 ---
-ansible_host: 10.0.0.4
+ansible_host: 65.109.13.133

 wireguard_address: "10.0.0.4/24"
 wireguard_endpoint: "65.109.13.133"
--- a/ansible/production
+++ b/ansible/production
@ -6,6 +6,7 @@ gerard
 corwin
 merlin

+
 [dhcp]
 gerard

@ -13,10 +14,11 @@ gerard
 corwin
 oscar
 merlin
+gerard

 [database]
 oscar
+merlin

 [rsyncd]
 oscar
-