fixe wireguard issue and custome allowed ips

2022-09-13 18:11:39 +02:00 · 2022-09-13 18:11:39 +02:00 · 4dc30ddf20
commit 4dc30ddf20
parent 688c4166cc
2 changed files with 8 additions and 6 deletions
--- a/ansible/host_vars/gerard
+++ b/ansible/host_vars/gerard
@ -2,17 +2,18 @@
 ansible_host: "192.168.1.41"
 ansible_python_interpreter: "/usr/bin/python3"
 wireguard_address: "10.0.0.6/24"
-wireguard_allowed_ips: "10.0.0.6/32,192.168.1.0/24"
+wireguard_byhost_allowed_ips:
  merlin: 10.0.0.6,192.168.1.41
 perrsistent_keepalive: "30"
 wireguard_endpoint: ""
 wireguard_postup:
  - iptables -A FORWARD -i wg0 -j ACCEPT
  - iptables -A FORWARD -o wg0 -j ACCEPT
-  - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
+  - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 wireguard_postdown:
  - iptables -D FORWARD -i wg0 -j ACCEPT
  - iptables -D FORWARD -o wg0 -j ACCEPT
-  - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE
+  - iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
--- a/ansible/host_vars/oscar
+++ b/ansible/host_vars/oscar
@ -1,18 +1,19 @@
 ---
 wireguard_address: "10.0.0.2/24"
-wireguard_allowed_ips: "10.0.0.2/32,192.168.1.0/24"
+wireguard_byhost_allowed_ips:
  merlin: 10.0.0.2,192.168.1.40,192.168.1.0/24
 perrsistent_keepalive: "30"
 wireguard_endpoint: ""
 wireguard_postup:
  - iptables -A FORWARD -i wg0 -j ACCEPT
  - iptables -A FORWARD -o wg0 -j ACCEPT
-  - iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
+  - iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
 wireguard_postdown:
  - iptables -D FORWARD -i wg0 -j ACCEPT
  - iptables -D FORWARD -o wg0 -j ACCEPT
-  - iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE
+  - iptables -t nat -D POSTROUTING -o enp2s0 -j MASQUERADE
 consul_snapshot: True
 partition_table: