49 lines
1.4 KiB
Plaintext
49 lines
1.4 KiB
Plaintext
---
|
|
ansible_host: 10.0.0.1
|
|
#ansible_host: 135.181.150.203
|
|
wireguard_address: "10.0.0.1/24"
|
|
wireguard_endpoint: "135.181.150.203"
|
|
wireguard_persistent_keepalive: "20"
|
|
wireguard_byhost_allowed_ips:
|
|
gerard: 10.0.0.1,10.0.0.3,10.0.0.5
|
|
wireguard_allowed_ips: "0.0.0.0/0"
|
|
|
|
wireguard_postup:
|
|
- iptables -A FORWARD -o %i -j ACCEPT
|
|
- iptables -A FORWARD -i %i -j ACCEPT
|
|
- iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
|
|
- sysctl -w net.ipv4.ip_forward=1
|
|
- resolvectl dns %i 192.168.1.4 192.168.1.41; resolvectl domain %i '~ducamps.win' '~ducamps.eu' '~{{ consul_domain }}'
|
|
|
|
wireguard_postdown:
|
|
- iptables -D FORWARD -i %i -j ACCEPT
|
|
- iptables -D FORWARD -o %i -j ACCEPT
|
|
- iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
|
|
- sysctl -w net.ipv4.ip_forward=0
|
|
|
|
wireguard_unmanaged_peers:
|
|
phone:
|
|
public_key: IYKgrQ2VJUbOnupSqedOfIilsbmBBABZUTRF9ZoTrkc=
|
|
allowed_ips: 10.0.0.3/32
|
|
persistent_keepalive: 0
|
|
zen:
|
|
public_key: rYYljQw8InmM95pxCP9KyZ8R+kcicgnjr6E9qtkI1Ag=
|
|
allowed_ips: 10.0.0.5/32
|
|
persistent_keepalive: 0
|
|
wireguard_dns: "192.168.1.4,192.168.1.41"
|
|
consul_client_addr: "127.0.0.1 10.0.0.1"
|
|
consul_bind_address: "10.0.0.1"
|
|
consul_ui: True
|
|
consul_iface: "wg0"
|
|
nomad_bind_addr: "10.0.0.1"
|
|
nomad_host_networks:
|
|
- name: "private"
|
|
interface: wg0
|
|
- name: "public"
|
|
interface: eth0
|
|
- name: "default"
|
|
interface: wg0
|
|
nomad_client_network_interface : "wg0"
|
|
vault_listener_address: 10.0.0.1
|
|
nomad_plugins_podman: True
|