From 908495bce393bdbe817c764ac5a08c1090d7e470 Mon Sep 17 00:00:00 2001
From: vincent <vincent@ducamps.win>
Date: Sat, 18 Nov 2023 14:43:06 +0100
Subject: [PATCH] norootsquash

---
 ansible/group_vars/NAS/main |  2 +-
 ansible/host_vars/nas       | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 ansible/host_vars/nas

diff --git a/ansible/group_vars/NAS/main b/ansible/group_vars/NAS/main
index 39f692a..7bb7d26 100644
--- a/ansible/group_vars/NAS/main
+++ b/ansible/group_vars/NAS/main
@@ -1,4 +1,4 @@
-nfs_cluster_list: "{% for server in groups['all']%}{{ hostvars[server]['inventory_hostname'] }}.{{ nfs_domain_name }}(rw,async,insecure_locks,sec=sys,anonuid=1000001,anongid=100)  {%endfor%}"
+nfs_cluster_list: "{% for server in groups['all']%}{{ hostvars[server]['inventory_hostname'] }}.{{ nfs_domain_name }}(rw,no_root_squash,async,insecure_locks,sec=sys)  {%endfor%}"
 
 
 nfs_exports:
diff --git a/ansible/host_vars/nas b/ansible/host_vars/nas
new file mode 100644
index 0000000..56a1898
--- /dev/null
+++ b/ansible/host_vars/nas
@@ -0,0 +1,16 @@
+---
+wireguard_address: "10.0.1.8/24"
+perrsistent_keepalive: "30"
+wireguard_endpoint: ""
+wireguard_byhost_allowed_ips:
+  merlin: 10.0.0.8,192.168.1.10
+  corwin: 10.0.0.8,192.168.1.10
+wireguard_postup:
+  - iptables -A FORWARD -i wg0 -j ACCEPT
+  - iptables -A FORWARD -o wg0 -j ACCEPT
+  - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+wireguard_postdown:
+  - iptables -D FORWARD -i wg0 -j ACCEPT
+  - iptables -D FORWARD -o wg0 -j ACCEPT
+  - iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE