diff --git a/ansible/group_vars/VPS b/ansible/group_vars/VPS index 2eba52d..8ff8e7b 100644 --- a/ansible/group_vars/VPS +++ b/ansible/group_vars/VPS @@ -59,6 +59,29 @@ systemd_mounts: - vers=3.0 - mfsymlinks automount: true + diskstation_git: + share: diskstation.ducamps.win:/volume2/git + mount: /mnt/diskstation/git + type: nfs + options: + - " " + automount: true + diskstation_CardDav: + share: diskstation.ducamps.win:/volume2/CardDav + mount: /mnt/diskstation/CardDav + type: nfs + options: + - " " + automount: true + diskstation_music: + share: diskstation.ducamps.win:/volume2/music + mount: /mnt/diskstation/music + type: nfs + options: + - " " + automount: true + + credentials_files: 1: type: smb @@ -71,4 +94,6 @@ credentials_files: systemd_mounts_enabled: - diskstation_nomad - hetzner_storage - + - diskstation_git + - diskstation_music + - diskstation_CardDav diff --git a/ansible/group_vars/database b/ansible/group_vars/database index 0eae3ab..bd1fa6e 100644 --- a/ansible/group_vars/database +++ b/ansible/group_vars/database @@ -26,42 +26,22 @@ postgresql_users: postgresql_databases: - name: wikijs - lc_collate: fr_FR.UTF-8 - lc_ctype: en_US.UTF-8 owner: wikijs - name: ttrss - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: ttrss - name: gitea - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: gitea - name: supysonic - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: supysonic - name: hass - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: hass - name: nextcloud - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: nextcloud - name: vaultwarden - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: vaultwarden - name: drone - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: drone - name: dendrite - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: dendrite - name: paperless - lc_collate: fr_FR.UTF-8 - lc_ctype: fr_FR.UTF-8 owner: paperless 
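Review bot: The three new NFS entries in `ansible/group_vars/VPS` (`diskstation_git`, `diskstation_CardDav`, `diskstation_music`) each set `options` to a single blank string, so the shares are mounted with client defaults, and setuid files and device nodes on the export are honoured on the VPS hosts. Unless something on these hosts needs that, I would replace `- " "` with `- nosuid`, `- nodev` and, where nothing is executed from the share, `- noexec`. Assuming the export uses the usual `sec=sys`, the server trusts the client's address and claimed uid and the traffic is not encrypted. A comment above the entries should therefore state that these mounts are expected to travel only over the WireGuard tunnel, since the diff does not show how `diskstation.ducamps.win` resolves or routes from these hosts. The second hunk in this file adds all three to `systemd_mounts_enabled`, so they are mounted with these options as soon as it is applied.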
diff --git a/ansible/group_vars/homelab/mount b/ansible/group_vars/homelab/mount index 04922dd..c212d49 100644 --- a/ansible/group_vars/homelab/mount +++ b/ansible/group_vars/homelab/mount @@ -90,4 +90,3 @@ credentials_files: path: /etc/creds/.diskstation_credentials username: admin password: "{{ lookup('hashi_vault','secret=secrets/data/ansible/storage:diskstation_admin') }}" - diff --git a/ansible/host_vars/gerard b/ansible/host_vars/gerard index 58a46c1..be274c1 100644 --- a/ansible/host_vars/gerard +++ b/ansible/host_vars/gerard @@ -1,3 +1,18 @@ --- ansible_host: "192.168.1.41" ansible_python_interpreter: "/usr/bin/python3" +wireguard_address: "10.0.0.5/24" +wireguard_allowed_ips: "10.0.0.5/32,192.168.1.0/24" +perrsistent_keepalive: "30" +wireguard_endpoint: "" + +wireguard_postup: + - iptables -A FORWARD -i wg0 -j ACCEPT + - iptables -A FORWARD -o wg0 -j ACCEPT + - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE + +wireguard_postdown: + - iptables -D FORWARD -i wg0 -j ACCEPT + - iptables -D FORWARD -o wg0 -j ACCEPT + - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE + diff --git a/ansible/host_vars/merlin b/ansible/host_vars/merlin index 3f562ab..53b4d95 100644 --- a/ansible/host_vars/merlin +++ b/ansible/host_vars/merlin @@ -1,5 +1,5 @@ --- -ansible_host: 10.0.0.4 +ansible_host: 65.109.13.133 wireguard_address: "10.0.0.4/24" wireguard_endpoint: "65.109.13.133" diff --git a/ansible/production b/ansible/production index 85a62c4..51adf7d 100644 --- a/ansible/production +++ b/ansible/production @@ -6,6 +6,7 @@ gerard corwin merlin + [dhcp] gerard @@ -13,10 +14,11 @@ gerard corwin oscar merlin +gerard [database] oscar +merlin [rsyncd] oscar -
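Review bot: The `wireguard_postup` rules in `ansible/host_vars/gerard` accept every forwarded packet entering or leaving `wg0` and masquerade it out of `eno1`, so any peer on the tunnel, including the internet-facing host `merlin`, can reach all of 192.168.1.0/24 with gerard's source address. I would narrow the inbound rule to the destinations peers actually need and let only reply traffic back, for example `iptables -A FORWARD -i wg0 -d <NAS_ADDRESS> -p tcp --dport 2049 -j ACCEPT` and `iptables -A FORWARD -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT`, with matching `-D` lines in `wireguard_postdown`. `<NAS_ADDRESS>` is a placeholder because the address is not on the page, and if LAN hosts must open connections towards peers the `-o wg0` rule needs a stated exception. Separately, `perrsistent_keepalive` looks misspelled; if the role reads `persistent_keepalive` the value is silently ignored, so please check it against the role's variable name.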
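Review bot: Pointing `ansible_host` in `ansible/host_vars/merlin` at the public address 65.109.13.133 means Ansible's SSH sessions to this host now cross the internet instead of using the tunnel address 10.0.0.4, so sshd must be reachable on the public interface. If that is deliberate (for instance so the host can still be managed when WireGuard is down), a comment such as `# public address: management must work before the tunnel is up` would record it. The SSH exposure should then be limited to key authentication and a source allowlist, neither of which is visible in this diff. The value is also unquoted while `ansible_host` in `host_vars/gerard` is quoted; `ansible_host: "65.109.13.133"` keeps the files consistent.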
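Review bot: Adding `merlin` to `[database]` in `ansible/production` applies the `group_vars/database` variables, including the `postgresql_databases` list with `vaultwarden` and `nextcloud`, to the host whose `ansible_host` is now a public address. Nothing in this diff shows the PostgreSQL listen address or the `pg_hba` rules, so please confirm that the server on merlin binds only to its WireGuard address 10.0.0.4 and that port 5432 is closed on the public interface. A comment line above the entry, e.g. `# merlin: database reachable over wg0 only`, would document that constraint in the inventory. The group that `gerard` is added to starts above the hunk, so its name cannot be checked from here.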