This commit is contained in:
Jean-Marie Mineau 2021-04-22 22:12:57 +02:00
parent fa4cec5855
commit 967fc48329
7 changed files with 25 additions and 5 deletions

1
.gitignore vendored
View file

@ -2,3 +2,4 @@
*.retry
.main_vault_password
.user_vault_password
.vpn_vault_password

View file

@ -23,8 +23,7 @@ forks = 15
# Some SSH connection will take time
timeout = 60
vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password
#vault_password_file = .vault_password
vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password, vpn_vault@.vpn_vault_password
[privilege_escalation]

16
group_vars/all/vpn_vault Normal file
View file

@ -0,0 +1,16 @@
$ANSIBLE_VAULT;1.2;AES256;vpn_vault
37633462636161633333306438623761626365623138653733613338316239303533353539366438
3638386334656338616232333463303739613831646638360a643933346664373035303336393333
33663439363031626664323464316334316430346138636133646562353132316530343533643564
3566313834303662630a353636666230333536333066636162356366396331323937616431343538
37396662353437353037316335373139653431636236666463353465333462303465646163393332
39313763303935356364396237653435623438316164343766313461646239613933366265663437
62303336656662363036333136303737613966616137386336653863663234656336376134313831
38396466633832313338643638656439616232616431333564343433356461303365646237313038
38373038626564313463383632353335373134313136323135653031346237373166343961353633
30313439386636636333643264396362303733383239663562623631633932633732623538363232
35636432376666333166633339306635316234383630316137303865313839333938346163306565
64353264636166323937306466393539383734613636336361623536313330363537326361393662
64366330383838386165656636383530323866396663363230623964353363336461646363326663
61356430396136393630626266366138623932323532663866326264333166663731303732333238
336462386365303833366562636134663037

View file

@ -0,0 +1,4 @@
---
vpn_vault_hindley_key: "AAAAAcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
vpn_vault_azerty_key: "BBBBBcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
vpn_vault_hellman_key: "CCCCCcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="

View file

@ -3,7 +3,7 @@ vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_vault_azerty_key }}"
public_key: ""
public_key: "o9rdoSdnp4twbNbZAMl0wY4sFQh647qqRv6V8HJwMQY="
keepalive: true
peers:
- endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"

View file

@ -3,7 +3,7 @@ vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_vault_hellman_key }}"
public_key: ""
public_key: "+qV1RHAgSigOkrxUKqpGR83bydmlIHrEiw+A7zjbRk4="
keepalive: true
peers:
- endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"

View file

@ -3,7 +3,7 @@ vpn_interfaces:
wg0:
ip: "{{ interfaces.wg0.ipv4 }}"
private_key: "{{ vpn_vault_hindley_key }}"
public_key: ""
public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
keepalive: false
peers:
- endpoint: ""