add merlin VPS

2022-06-20 21:42:51 +02:00 · 2022-06-20 21:42:51 +02:00 · 4a93a2917a
commit 4a93a2917a
parent 7031c95a6c
2 changed files with 42 additions and 0 deletions
--- a/ansible/host_vars/merlin
+++ b/ansible/host_vars/merlin
@ -0,0 +1,40 @@
+---
+ansible_host: 65.109.13.133
+
+wireguard_address: "10.0.0.4/24"
+wireguard_endpoint: "65.109.13.133"
+wireguard_persistent_keepalive: "30"
+wireguard_allowed_ips: "10.0.0.0/24"
+
+wireguard_postup:
+  - iptables -A FORWARD -o %i -j ACCEPT
+  - iptables -A FORWARD -i %i -j ACCEPT
+  - iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
+
+wireguard_postdown:
+  - iptables -D FORWARD -i %i -j ACCEPT
+  - iptables -D FORWARD -o %i -j ACCEPT
+  - iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
+
+wireguard_unmanaged_peers:
+  phone:
+    public_key: ioG35kDFTtip+Acfq+je9qDHYbZij+J6+Pg3T6Z4N0w=
+    allowed_ips: 10.0.0.3/32
+    persistent_keepalive: 0
+  zen:
+    public_key: rYYljQw8InmM95pxCP9KyZ8R+kcicgnjr6E9qtkI1Ag=
+    allowed_ips: 10.0.0.4/32
+    persistent_keepalive: 0
+consul_client_addr: "127.0.0.1 10.0.0.4"
+consul_bind_address: "10.0.0.4"
+consul_ui: True
+consul_iface: "wg0"
+nomad_bind_addr: "10.0.0.4"
+nomad_host_networks:
+  - name: "private"
+    interface: wg0
+  - name: "public"
+    interface: eth0
+  - name: "default"
+    interface: wg0
+vault_listener_address: 10.0.0.4
--- a/ansible/production
+++ b/ansible/production
@ -4,6 +4,7 @@ gerard

 [VPS]
 corwin
+merlin

 [dhcp]
 gerard
@ -11,6 +12,7 @@ gerard
 [wireguard]
 corwin
 oscar
+merlin

 [database]
 oscar