update vpn config

histausse 2022-05-22 20:26:16 +02:00
parent c35e4c309e
commit f3a4c70a4f
Signed by: histausse
GPG key ID: 67486F107F62E9E9
2 changed files with 11 additions and 72 deletions


@ -18,21 +18,11 @@ intranet:
ipv4: 172.20.1.1 ipv4: 172.20.1.1
netmaskv4: 32 netmaskv4: 32
comment: Hindley comment: Hindley
azerty: router_hellman:
domaine: azerty domaine: 'router-hellman'
ipv4: 172.20.1.2
netmaskv4: 32
comment: Azerty
hellman:
domaine: hellman
ipv4: 172.20.1.3 ipv4: 172.20.1.3
netmaskv4: 32 netmaskv4: 32
comment: Hellman comment: Router on Hellman
rossum:
domaine: rossum
ipv4: 172.20.1.4
netmaskv4: 32
comment: Rossum
matrix: matrix:
domaine: matrix domaine: matrix
ipv4: 172.20.1.5 ipv4: 172.20.1.5
@ -40,42 +30,21 @@ intranet:
comment: Matrix server comment: Matrix server
guest_hellman: guest_hellman:
domaine: hllm domaine: hllm
ipv4: 172.20.103.0 ipv4: 172.20.198.0
netmaskv4: 24 netmaskv4: 24
gateway: 172.20.103.1 gateway: 172.20.198.1
comment: Lan for the vm hosted on hellman comment: Lan for the vm hosted on hellman
subnets: subnets:
hellman: hellman:
domaine: hellman domaine: router
ipv4: 172.20.103.1 ipv4: 172.20.198.1
netmaskv4: 32 netmaskv4: 32
comment: Hellman comment: Router
test: test:
domaine: test domaine: test
ipv4: 172.20.199.0 ipv4: 172.20.199.0
netmaskv4: 24 netmaskv4: 24
comment: Test VM comment: Test VM
subnets:
vm1:
domaine: vm1
ipv4: 172.20.199.1
netmaskv4: 32
comment: Test vm 1, on knuth
vm2:
domaine: vm2
ipv4: 172.20.199.2
netmaskv4: 32
comment: Test vm 2, on knuth
vm3:
domaine: vm3
ipv4: 172.20.199.3
netmaskv4: 32
comment: Test vm 3, on knuth
vm4:
domaine: vm4
ipv4: 172.20.199.4
netmaskv4: 32
comment: Test vm 4, on knuth
guest: guest:
domaine: guest domaine: guest
ipv4: 172.20.200.0 ipv4: 172.20.200.0
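Review bot: The `test` network at 172.20.199.0/24 stays defined in the second hunk after its four `vm1`–`vm4` host entries are removed, so any firewall or routing rule generated from `intranet` would presumably still cover a range with no documented hosts. If the test VMs are gone for good, drop the `test` entry as well, or put a comment above it such as `# kept for future test VMs, currently no hosts`. The same hunk moves `guest_hellman` from 172.20.103.0/24 to 172.20.198.0/24; anything outside this file that hard-codes the old range is not visible here and should be checked before this is applied.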


@ -7,46 +7,16 @@ vpn_interfaces:
keepalive: false keepalive: false
peers: peers:
- endpoint: "" - endpoint: ""
public_key: "{{ hostvars['azerty'].vpn_interfaces.wg0.public_key }}" public_key: "jvjOCj5xVTLwyQ8o7QsYvF2ep1HbD/GKnmjpqJuztB8="
allowed_ips: allowed_ips:
- "{{ hostvars['azerty'].vpn_interfaces.wg0.ip }}/32" - "{{ intranet.subnets.physical.subnets.router_hellman.ipv4 }}/{{ intranet.subnets.physical.subnets.router_hellman.netmaskv4 }}"
comment: "azerty"
- endpoint: ""
public_key: "{{ hostvars['hellman'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['hellman'].vpn_interfaces.wg0.ip }}/32"
- "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}" - "{{ intranet.subnets.guest_hellman.ipv4 }}/{{ intranet.subnets.guest_hellman.netmaskv4 }}"
comment: "hellman" comment: "Router hosted on Hellman"
- endpoint: "" - endpoint: ""
public_key: "{{ vpn_guest_keys.knuth }}" public_key: "{{ vpn_guest_keys.knuth }}"
allowed_ips: allowed_ips:
- "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}" - "{{ intranet.subnets.guest.subnets.knuth.ipv4 }}/{{ intranet.subnets.guest.subnets.knuth.netmaskv4 }}"
comment: "Client laptop: knuth" comment: "Client laptop: knuth"
- endpoint: ""
public_key: "{{ hostvars['rossum'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['rossum'].vpn_interfaces.wg0.ip }}/32"
comment: "Raspi at paris, Rossum"
- endpoint: ""
public_key: "{{ hostvars['vm1'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['vm1'].vpn_interfaces.wg0.ip }}/32"
comment: "Test VM 1, hosted by knuth"
- endpoint: ""
public_key: "{{ hostvars['vm2'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['vm2'].vpn_interfaces.wg0.ip }}/32"
comment: "Test VM 2, hosted by knuth"
- endpoint: ""
public_key: "{{ hostvars['vm3'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['vm3'].vpn_interfaces.wg0.ip }}/32"
comment: "Test VM 3, hosted by knuth"
- endpoint: ""
public_key: "{{ hostvars['vm4'].vpn_interfaces.wg0.public_key }}"
allowed_ips:
- "{{ hostvars['vm4'].vpn_interfaces.wg0.ip }}/32"
comment: "Test VM 4, hosted by knuth"
- endpoint: "" - endpoint: ""
public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}" public_key: "{{ hostvars['matrix_server'].vpn_interfaces.wg0.public_key }}"
allowed_ips: allowed_ips:
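Review bot: The new first peer hard-codes its WireGuard public key as a literal on the `public_key:` line, while every other peer in the hunk resolves it through `hostvars[...]` or `vpn_guest_keys`. A public key is not secret, but a literal inside the peer list means a key rotation on the router has to be mirrored by hand here, and a stale key is easy to miss. Consider keeping it with the knuth key, for example `public_key: "{{ vpn_guest_keys.router_hellman }}"`, where `router_hellman` is a new entry to add to that mapping. This peer's `allowed_ips` also carries the whole `guest_hellman` /24 next to the router's /32, so a comment such as `# router key also routes the guest_hellman VM LAN` above it would make that scope explicit. The `peers` list starts before and continues past the hunk.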