From a65e3484b59f839c02d38263fe86c2f88ee4b305 Mon Sep 17 00:00:00 2001 From: vincent Date: Tue, 30 Jan 2024 18:30:42 +0100 Subject: [PATCH] implement default interface variable --- ansible/host_vars/bleys | 8 ++++++-- ansible/host_vars/gerard | 8 ++++++-- ansible/host_vars/oscar | 8 ++++++-- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/ansible/host_vars/bleys b/ansible/host_vars/bleys index 9cda6fe..9797dc0 100644 --- a/ansible/host_vars/bleys +++ b/ansible/host_vars/bleys @@ -1,6 +1,10 @@ --- ansible_host: "192.168.1.42" ansible_python_interpreter: "/usr/bin/python3" +default_interface: "enp2s0" +consul_iface: "{{ default_interface}}" +vault_iface: "{{ default_interface}}" + wireguard_address: "10.0.0.7/24" wireguard_byhost_allowed_ips: merlin: 10.0.0.7,192.168.1.42,192.168.1.0/24 @@ -11,13 +15,13 @@ wireguard_endpoint: "" wireguard_postup: - iptables -A FORWARD -i wg0 -j ACCEPT - iptables -A FORWARD -o wg0 -j ACCEPT - - iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE + - iptables -t nat -A POSTROUTING -o {{default_interface}} -j MASQUERADE - sysctl -w net.ipv4.ip_forward=1 wireguard_postdown: - iptables -D FORWARD -i wg0 -j ACCEPT - iptables -D FORWARD -o wg0 -j ACCEPT - - iptables -t nat -D POSTROUTING -o enp2s0 -j MASQUERADE + - iptables -t nat -D POSTROUTING -o {default_interface} -j MASQUERADE - sysctl -w net.ipv4.ip_forward=0 partition_table: diff --git a/ansible/host_vars/gerard b/ansible/host_vars/gerard index 38adf4a..7110429 100644 --- a/ansible/host_vars/gerard +++ b/ansible/host_vars/gerard @@ -1,6 +1,10 @@ --- ansible_host: "192.168.1.41" ansible_python_interpreter: "/usr/bin/python3" +default_interface: "enu1u1" +consul_iface: "{{ default_interface }}" +vault_iface: "{{ default_interface }}" + wireguard_address: "10.0.0.6/24" wireguard_byhost_allowed_ips: merlin: 10.0.0.6,192.168.1.41 @@ -11,10 +15,10 @@ wireguard_endpoint: "" wireguard_postup: - iptables -A FORWARD -i wg0 -j ACCEPT - iptables -A FORWARD -o wg0 -j ACCEPT - - iptables -t nat -A POSTROUTING -o enu1u1 -j MASQUERADE + - iptables -t nat -A POSTROUTING -o {{ default_interface }} -j MASQUERADE wireguard_postdown: - iptables -D FORWARD -i wg0 -j ACCEPT - iptables -D FORWARD -o wg0 -j ACCEPT - - iptables -t nat -D POSTROUTING -o enu1u1 -j MASQUERADE + - iptables -t nat -D POSTROUTING -o {{ default_interface }} -j MASQUERADE diff --git a/ansible/host_vars/oscar b/ansible/host_vars/oscar index 93c30e8..ad96283 100644 --- a/ansible/host_vars/oscar +++ b/ansible/host_vars/oscar @@ -1,4 +1,8 @@ --- +default_interface: "enp2s0" +consul_iface: "{{ default_interface}}" +vault_iface: "{{ default_interface}}" + wireguard_address: "10.0.0.2/24" wireguard_byhost_allowed_ips: merlin: 10.0.0.2,192.168.1.40 @@ -9,12 +13,12 @@ wireguard_endpoint: "" wireguard_postup: - iptables -A FORWARD -i wg0 -j ACCEPT - iptables -A FORWARD -o wg0 -j ACCEPT - - iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE + - iptables -t nat -A POSTROUTING -o {{ default_interface }} -j MASQUERADE wireguard_postdown: - iptables -D FORWARD -i wg0 -j ACCEPT - iptables -D FORWARD -o wg0 -j ACCEPT - - iptables -t nat -D POSTROUTING -o enp2s0 -j MASQUERADE + - iptables -t nat -D POSTROUTING -o {{ default_interface }} -j MASQUERADE partition_table: - device: "/dev/sda"