complete corwin vars

This commit is contained in:
vincent 2022-11-11 17:45:46 +01:00
parent aed8122aba
commit a68543aeca
3 changed files with 8 additions and 3 deletions

View File

@ -1,20 +1,22 @@
--- ---
ansible_host: 65.108.221.233 ansible_host: 135.181.150.203
wireguard_address: "10.0.0.1/24" wireguard_address: "10.0.0.1/24"
wireguard_endpoint: "65.108.221.233" wireguard_endpoint: "135.181.150.203"
wireguard_persistent_keepalive: "20" wireguard_persistent_keepalive: "20"
wireguard_allowed_ips: "10.0.0.1/32" wireguard_allowed_ips: "10.0.0.1/32,10.0.0.3/32,10.0.0.5/32"
wireguard_postup: wireguard_postup:
- iptables -A FORWARD -o %i -j ACCEPT - iptables -A FORWARD -o %i -j ACCEPT
- iptables -A FORWARD -i %i -j ACCEPT - iptables -A FORWARD -i %i -j ACCEPT
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- sysctl -w net.ipv4.ip_forward=1
wireguard_postdown: wireguard_postdown:
- iptables -D FORWARD -i %i -j ACCEPT - iptables -D FORWARD -i %i -j ACCEPT
- iptables -D FORWARD -o %i -j ACCEPT - iptables -D FORWARD -o %i -j ACCEPT
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE - iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
- sysctl -w net.ipv4.ip_forward=0
wireguard_unmanaged_peers: wireguard_unmanaged_peers:
phone: phone:
@ -25,6 +27,7 @@ wireguard_unmanaged_peers:
public_key: rYYljQw8InmM95pxCP9KyZ8R+kcicgnjr6E9qtkI1Ag= public_key: rYYljQw8InmM95pxCP9KyZ8R+kcicgnjr6E9qtkI1Ag=
allowed_ips: 10.0.0.5/32 allowed_ips: 10.0.0.5/32
persistent_keepalive: 0 persistent_keepalive: 0
wireguard_dns: "192.168.1.40,192.168.1.10"
consul_client_addr: "127.0.0.1 10.0.0.1" consul_client_addr: "127.0.0.1 10.0.0.1"
consul_bind_address: "10.0.0.1" consul_bind_address: "10.0.0.1"
consul_ui: True consul_ui: True

View File

@ -4,6 +4,7 @@ ansible_python_interpreter: "/usr/bin/python3"
wireguard_address: "10.0.0.6/24" wireguard_address: "10.0.0.6/24"
wireguard_byhost_allowed_ips: wireguard_byhost_allowed_ips:
merlin: 10.0.0.6,192.168.1.41 merlin: 10.0.0.6,192.168.1.41
corwin: 10.0.0.6,192.168.1.41
perrsistent_keepalive: "20" perrsistent_keepalive: "20"
wireguard_endpoint: "" wireguard_endpoint: ""

View File

@ -2,6 +2,7 @@
wireguard_address: "10.0.0.2/24" wireguard_address: "10.0.0.2/24"
wireguard_byhost_allowed_ips: wireguard_byhost_allowed_ips:
merlin: 10.0.0.2,192.168.1.40,192.168.1.0/24 merlin: 10.0.0.2,192.168.1.40,192.168.1.0/24
corwin: 10.0.0.2,192.168.1.40,192.168.1.0/24
perrsistent_keepalive: "30" perrsistent_keepalive: "30"
wireguard_endpoint: "" wireguard_endpoint: ""