From 4dc30ddf20c69f85c46a0f03f68fdf487cfb5514 Mon Sep 17 00:00:00 2001
From: vincent
Date: Tue, 13 Sep 2022 18:11:39 +0200
Subject: [PATCH] fixe wireguard issue and custome allowed ips
---
 ansible/host_vars/gerard | 7 ++++---
 ansible/host_vars/oscar | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/ansible/host_vars/gerard b/ansible/host_vars/gerard
index c5bb865..e24d1e8 100644
--- a/ansible/host_vars/gerard
+++ b/ansible/host_vars/gerard
@@ -2,17 +2,18 @@
 ansible_host: "192.168.1.41"
 ansible_python_interpreter: "/usr/bin/python3"
 wireguard_address: "10.0.0.6/24"
-wireguard_allowed_ips: "10.0.0.6/32,192.168.1.0/24"
+wireguard_byhost_allowed_ips:
+ merlin: 10.0.0.6,192.168.1.41
 perrsistent_keepalive: "30"
 wireguard_endpoint: ""
 wireguard_postup:
 - iptables -A FORWARD -i wg0 -j ACCEPT
 - iptables -A FORWARD -o wg0 -j ACCEPT
- - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
+ - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 wireguard_postdown:
 - iptables -D FORWARD -i wg0 -j ACCEPT
 - iptables -D FORWARD -o wg0 -j ACCEPT
- - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE
+ - iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
diff --git a/ansible/host_vars/oscar b/ansible/host_vars/oscar
index 6618c5a..a411bf3 100644
--- a/ansible/host_vars/oscar
+++ b/ansible/host_vars/oscar
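Review bot: The new MASQUERADE rules in `wireguard_postup`/`wireguard_postdown` of ansible/host_vars/gerard match on the outgoing interface only, so they NAT any forwarded traffic leaving `eth0`, not just tunnel traffic; the `enp2s0` rules in the ansible/host_vars/oscar hunk have the same shape. Scoping the rule to the tunnel subnet given by `wireguard_address` would narrow it, e.g. `- iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE` with the matching `-D` line. Since the allowed IPs for gerard are reduced here to `10.0.0.6,192.168.1.41`, this host no longer appears to route the LAN, so it is worth confirming that the FORWARD and MASQUERADE rules are still needed on it at all. The interface name is also hard-coded per host; using the `ansible_default_ipv4.interface` fact would avoid repeating this fix when a NIC is renamed.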
@@ -1,18 +1,19 @@
 ---
 wireguard_address: "10.0.0.2/24"
-wireguard_allowed_ips: "10.0.0.2/32,192.168.1.0/24"
+wireguard_byhost_allowed_ips:
+ merlin: 10.0.0.2,192.168.1.40,192.168.1.0/24
 perrsistent_keepalive: "30"
 wireguard_endpoint: ""
 wireguard_postup:
 - iptables -A FORWARD -i wg0 -j ACCEPT
 - iptables -A FORWARD -o wg0 -j ACCEPT
- - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
+ - iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
 wireguard_postdown:
 - iptables -D FORWARD -i wg0 -j ACCEPT
 - iptables -D FORWARD -o wg0 -j ACCEPT
- - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE
+ - iptables -t nat -D POSTROUTING -o enp2s0 -j MASQUERADE
 consul_snapshot: True
 partition_table:
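Review bot: In the new `wireguard_byhost_allowed_ips` entry for `merlin`, `192.168.1.40` is already covered by `192.168.1.0/24`, so the value still hands the whole LAN range to this peer; if the commit is meant to narrow what is accepted (presumably on merlin's side, the consuming template is not visible here), the /24 should go, otherwise the host address is redundant. The value is also unquoted and two of its entries carry no prefix length, unlike the string it replaces; `merlin: "10.0.0.2/32,192.168.1.0/24"` keeps the quoting used elsewhere in the file and does not depend on how a missing mask is filled in downstream. The same quoting and prefix-length remark applies to `merlin: 10.0.0.6,192.168.1.41` in the ansible/host_vars/gerard hunk.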