From 7d1f2ebd0f52a708bf809f93abb75258107a230c Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau
Date: Sat, 7 Aug 2021 01:06:30 +0200
Subject: [PATCH] add settings for the new matrix vm
---
 group_vars/all/networking.yml | 5 ++
 group_vars/all/vpn_vault | 67 ++++++++++++++------------
 host_vars/hindley/vpn.yml | 6 +++
 host_vars/matrix_server/ansible.yml | 2 +-
 host_vars/matrix_server/networking.yml | 9 ++--
 host_vars/matrix_server/vpn.yml | 13 +++++
 hosts | 1 +
 7 files changed, 66 insertions(+), 37 deletions(-)
 create mode 100644 host_vars/matrix_server/vpn.yml
diff --git a/group_vars/all/networking.yml b/group_vars/all/networking.yml
index 3cd5f49..788cc13 100644
--- a/group_vars/all/networking.yml
+++ b/group_vars/all/networking.yml
@@ -33,6 +33,11 @@ intranet:
 ipv4: 172.20.1.4
 netmaskv4: 32
 comment: Rossum
+ matrix:
+ domaine: matrix
+ ipv4: 172.20.1.5
+ netmaskv4: 32
+ comment: Matrix server
 guest_hellman:
 domaine: hllm
 ipv4: 172.20.103.0
diff --git a/group_vars/all/vpn_vault b/group_vars/all/vpn_vault
index 908231d..dfb1517 100644
--- a/group_vars/all/vpn_vault
+++ b/group_vars/all/vpn_vault
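Review bot: The new `matrix` entry is allocated 172.20.1.5/32 directly after Rossum's 172.20.1.4, and host_vars/matrix_server/networking.yml reads it as `intranet.subnets.physical.subnets.matrix`, so it appears to sit in the same group as the physical hosts even though the peer comment in host_vars/hindley/vpn.yml says the VM runs on someone else's server. If any rule elsewhere in the repository matches on that enclosing range (not visible here), the externally hosted VM would inherit the access of the physical machines. I would either give it its own group or make the trust difference explicit in the entry, e.g. `comment: Matrix server (VM on external host, reached over wg0)`. The enclosing mapping starts above this hunk, so the exact nesting should be confirmed.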
@@ -1,33 +1,36 @@ $ANSIBLE_VAULT;1.2;AES256;vpn_vault -30346337663561363430646532656462396163656462643563336266636539386362376634616662 -3333666632613436396464663333396465303132613337300a363166623334386161316639393333 -66616565336266383435353039373835356364653230353964633839386433343032623436656431 -3731613630616366340a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a343730653565383265616365386366 +32333533666333373663373037653731666361343737356261636532303562663063343633346537 +3337643137653839320a346236613362393636363935373162643237343831333535393461633963 +37343039383931613031663733666538383735383064356532373232633661386237366433396236 +63666134376463313637643061623934653666353364353235323431633930373663636137313462 +30666263386237303563393936373566386563386631656162303634306466656663666330313937 +32313431343536666437626130646231333237343734303538363639383933633661323565353661 +32343065383433623730346664643361306539623937656331333764346336396231656465373561 +33343034303263303833373936383936366131663962613961666161303134316134316635626639 +36666334393961306662626162393433643961646339323934653335613933383131633635623763 +34656538336434303339613032623432613239303239373937643361306535383137643239646134 +33336461613034303362353837313362643934666239363036333432373631336162646330333532 +36303332306333623765653838373361353435646366323462383237343134643736376230353434 +35333738313030636339363538656130643163353238666638383830316665646438366164636138 +30643031336164323862633135313630666561656335626464336162386564306261396532396238 +36666139386236663736613936633964363166343765626366323566613733353233313862646165 +33373264633763386166373739313136343362383864343866323231373536633130633032616334 +30383930333130646636666134363661316236323937373861343333333833616633346161323965 +31343966396635626465613630333732353335373264646464373764363433393439656635636430 +31303930333731656339633032366166386265653632633638323932626161623966613761636236 
+61303134663931636139336436313637333739626336643838663861626539323336393239643131 +37383665326332393663323166643338353135363831306561623639643663326364343639316665 +38343337323633353066653666366238633932393836396338336261663331656565653532613438 +36323462326431333235376566343134663734373534663834316133333236636166386439633766 +31323931363066343334363764356630383764346332353162316461333762613366663130393831 +36633430383131326335333130303832666430366134393462616163326239383538616531373166 +37383130616339343832313335636364623434636434393430383566376433363565626336303064 +63376234613835666338373662373735386561643431633037336231643033393563316363613131 +61656232363035333635636464656465613763613032376666623238613362343032613465313331 +62353035313862323631653766393463383565336535616630383839376135393037363038343639 +39646531666130626638666535623533373766386531343236313962636539373233363462363032 +61373938373139376236633062353063643037333062363464383638333635643331616465643533 +34646238663731616635313131313438376536633862346165666631326632623534306666396264 +636139633664356536626239303631643864 diff --git a/host_vars/hindley/vpn.yml b/host_vars/hindley/vpn.yml index 1fb871c..24c4f54 100644 --- a/host_vars/hindley/vpn.yml +++ b/host_vars/hindley/vpn.yml @@ -47,5 +47,11 @@ vpn_interfaces: allowed_ips: - "{{ hostvars['vm4'].vpn_interfaces.wg0.ip }}/32" comment: "Test VM 4, hosted by knuth" + - endpoint: "" + public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}" + allowed_ips: + - "{{ hostvars['matrix_server'].vpn_interfaces.wg0.ip }}/32" + comment: "matrix VM, hosted on g33kex's server" + diff --git a/host_vars/matrix_server/ansible.yml b/host_vars/matrix_server/ansible.yml index 092a0b1..0c0bacb 100644 --- a/host_vars/matrix_server/ansible.yml +++ b/host_vars/matrix_server/ansible.yml @@ -1,2 +1,2 @@ --- -ansible_host: "172.20.103.101" +ansible_host: "synapse" 
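Review bot: The peer added for `matrix_server` in host_vars/hindley/vpn.yml sets `endpoint: ""` without saying why, so a reader cannot tell whether the empty value is deliberate or a forgotten address. Presumably hindley cannot dial this VM (its `ens18` becomes DHCP in this commit) and the tunnel is opened from the VM side with `keepalive: true`; a comment such as `# no endpoint: matrix_server has a dynamic address and initiates the tunnel` above the entry would record that. The `/32` in `allowed_ips` is the right scope for a peer on hardware the project does not control and should stay that narrow. The hunk also adds a blank line at the end of the file, which can be dropped. The `peers` list starts above the hunk.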
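Review bot: `ansible_host: "synapse"` replaces a fixed address with a bare short name that nothing in this patch defines, so where Ansible connects now depends on each operator's resolver or SSH configuration. For a management connection that matters: on a control machine where `synapse` is missing or points elsewhere, the play fails or may reach a different host. I would document the requirement next to the value, e.g. `# "synapse" must resolve on the control machine (SSH config alias or DNS); verify the SSH host key on first contact`, or point `ansible_host` at the WireGuard address once the tunnel is up, if the bootstrap order allows it.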
diff --git a/host_vars/matrix_server/networking.yml b/host_vars/matrix_server/networking.yml index 49825a7..3da7101 100644 --- a/host_vars/matrix_server/networking.yml +++ b/host_vars/matrix_server/networking.yml @@ -1,10 +1,11 @@ --- interfaces: ens18: - ipv4: 172.20.103.101 - netmaskv4: 24 - type: static - gateway: 172.20.103.1 + type: dhcp + wg0: + ipv4: "{{ intranet.subnets.physical.subnets.matrix.ipv4 }}" + netmaskv4: "{{ intranet.netmaskv4 }}" + type: wireguard ipv4_forwarding: false ipv6_forwarding: false diff --git a/host_vars/matrix_server/vpn.yml b/host_vars/matrix_server/vpn.yml new file mode 100644 index 0000000..beae875 --- /dev/null +++ b/host_vars/matrix_server/vpn.yml @@ -0,0 +1,13 @@ +--- +vpn_interfaces: + wg0: + ip: "{{ interfaces.wg0.ipv4 }}" + private_key: "{{ vpn_vault_matrix_key }}" + public_key: "oQH8CBofxNSOGevaz1HZlz3ZW+H3ndb/TmqM0pCiRR8=" + keepalive: true + peers: + - endpoint: "{{ hostvars['hindley'].interfaces.enp2s0.ipv4 }}" + public_key: "{{ hostvars['hindley'].vpn_interfaces.wg0.public_key }}" + allowed_ips: + - "{{ hostvars['hindley'].vpn_interfaces.wg0.ip }}/{{ interfaces.wg0.netmaskv4 }}" + comment: "hindley" diff --git a/hosts b/hosts index c29a480..521face 100644 --- a/hosts +++ b/hosts @@ -50,6 +50,7 @@ all: vm2: vm3: vm4: + matrix_server: apt_proxies: hosts: hindley:
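Review bot: In host_vars/matrix_server/networking.yml, `wg0` takes its address from the `matrix` subnet entry but its prefix length from `intranet.netmaskv4`, while group_vars/all/networking.yml declares `netmaskv4: 32` for that entry. The same value is reused in host_vars/matrix_server/vpn.yml as the prefix of hindley's `allowed_ips`, so this VM routes the whole intranet range through the tunnel. That is probably intended with hindley as the hub, but then what the VM may reach is decided by forwarding and filtering on hindley, which this patch does not show. A comment on the line would make the choice explicit, e.g. `# intranet-wide mask on purpose: all intranet traffic goes via hindley`.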
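Review bot: In host_vars/matrix_server/vpn.yml, `public_key` is a literal while `private_key` comes from the vault variable `vpn_vault_matrix_key`, so the two halves of the key pair live in different files and can drift when the key is rotated. A mismatch would likely show up only as a tunnel that never completes its handshake, since hindley reads this `public_key` through `hostvars['matrix_server']`. A short comment would help, e.g. `# must match vpn_vault_matrix_key in group_vars/all/vpn_vault; update both when rotating`. `keepalive: true` is also worth a word, as it appears to be what keeps the tunnel open toward a peer that has an empty `endpoint` on hindley's side.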