add keys

2 years ago · 967fc48329
parent fa4cec5855
commit 967fc48329
7 changed files with 25 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,3 +2,4 @@
 *.retry
 .main_vault_password
 .user_vault_password
+.vpn_vault_password
--- a/ansible.cfg
+++ b/ansible.cfg
@ -23,8 +23,7 @@ forks = 15
 # Some SSH connection will take time
 timeout = 60

-vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password
-#vault_password_file = .vault_password
+vault_identity_list = main_vault@.main_vault_password , user_vault@.user_vault_password, vpn_vault@.vpn_vault_password

 [privilege_escalation]

--- a/group_vars/all/vpn_vault
+++ b/group_vars/all/vpn_vault
@ -0,0 +1,16 @@
+$ANSIBLE_VAULT;1.2;AES256;vpn_vault
+37633462636161633333306438623761626365623138653733613338316239303533353539366438
+3638386334656338616232333463303739613831646638360a643933346664373035303336393333
+33663439363031626664323464316334316430346138636133646562353132316530343533643564
+3566313834303662630a353636666230333536333066636162356366396331323937616431343538
+37396662353437353037316335373139653431636236666463353465333462303465646163393332
+39313763303935356364396237653435623438316164343766313461646239613933366265663437
+62303336656662363036333136303737613966616137386336653863663234656336376134313831
+38396466633832313338643638656439616232616431333564343433356461303365646237313038
+38373038626564313463383632353335373134313136323135653031346237373166343961353633
+30313439386636636333643264396362303733383239663562623631633932633732623538363232
+35636432376666333166633339306635316234383630316137303865313839333938346163306565
+64353264636166323937306466393539383734613636336361623536313330363537326361393662
+64366330383838386165656636383530323866396663363230623964353363336461646363326663
+61356430396136393630626266366138623932323532663866326264333166663731303732333238
+336462386365303833366562636134663037
--- a/group_vars/all/vpn_vault.example
+++ b/group_vars/all/vpn_vault.example
@ -0,0 +1,4 @@
+---
+vpn_vault_hindley_key: "AAAAAcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
+vpn_vault_azerty_key: "BBBBBcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
+vpn_vault_hellman_key: "CCCCCcxofuT6w7K0ev6L9zxHk/nLvnGgXVgYzXRJNXw="
--- a/host_vars/azerty.fil.sand.auro.re/vpn.yml
+++ b/host_vars/azerty.fil.sand.auro.re/vpn.yml
@ -3,7 +3,7 @@ vpn_interfaces:
  wg0:
    ip: "{{ interfaces.wg0.ipv4 }}"
    private_key: "{{ vpn_vault_azerty_key }}"
-    public_key: ""
+    public_key: "o9rdoSdnp4twbNbZAMl0wY4sFQh647qqRv6V8HJwMQY="
    keepalive: true
    peers:
    - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
--- a/host_vars/hellman.fil.sand.auro.re/vpn.yml
+++ b/host_vars/hellman.fil.sand.auro.re/vpn.yml
@ -3,7 +3,7 @@ vpn_interfaces:
  wg0:
    ip: "{{ interfaces.wg0.ipv4 }}"
    private_key: "{{ vpn_vault_hellman_key }}"
-    public_key: ""
+    public_key: "+qV1RHAgSigOkrxUKqpGR83bydmlIHrEiw+A7zjbRk4="
    keepalive: true
    peers:
    - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
--- a/host_vars/hindley.adh.auro.re/vpn.yml
+++ b/host_vars/hindley.adh.auro.re/vpn.yml
@ -3,7 +3,7 @@ vpn_interfaces:
  wg0:
    ip: "{{ interfaces.wg0.ipv4 }}"
    private_key: "{{ vpn_vault_hindley_key }}"
-    public_key: ""
+    public_key: "Ce48/ZdvpI2S82bIivhiWHQsyidzTAtxCnEYojY3xEA="
    keepalive: false
    peers:
    - endpoint: ""