add networking variable

3 years ago · fa4cec5855
parent ef97477ed2
commit fa4cec5855
7 changed files with 67 additions and 0 deletions
--- a/group_vars/all/vpn.yml
+++ b/group_vars/all/vpn.yml
@ -0,0 +1,3 @@
+---
+vpn_port: 51820
+vpn_keepalive_period: 25
--- a/host_vars/azerty.fil.sand.auro.re/networking.yml
+++ b/host_vars/azerty.fil.sand.auro.re/networking.yml
@ -0,0 +1,8 @@
+---
+interfaces:
+  enp0s25:
+    ipv4: "10.50.1.221"
+    netmaskv4: 16
+  wg0:
+    ipv4: "172.20.1.2"
+    netmaskv4: 16
--- a/host_vars/azerty.fil.sand.auro.re/vpn.yml
+++ b/host_vars/azerty.fil.sand.auro.re/vpn.yml
@ -0,0 +1,12 @@
+---
+vpn_interfaces:
+  wg0:
+    ip: "{{ interfaces.wg0.ipv4 }}"
+    private_key: "{{ vpn_vault_azerty_key }}"
+    public_key: ""
+    keepalive: true
+    peers:
+    - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
+      public_key: "{{ hostvars['hindley.adh.auro.re'].wg0.public_key }}"
+      allowed_ip: "{{ hostvars['hindley.adh.auro.re'].wg0.ip }}"
+      allowed_mask: "{{ interfaces.wg0.netmaskv4 }}"
--- a/host_vars/hellman.fil.sand.auro.re/networking.yml
+++ b/host_vars/hellman.fil.sand.auro.re/networking.yml
@ -0,0 +1,8 @@
+---
+interfaces:
+  vmbr0:
+    ipv4: "10.50.2.17"
+    netmaskv4: 16
+  wg0:
+    ipv4: "172.20.1.3"
+    netmaskv4: 16
--- a/host_vars/hellman.fil.sand.auro.re/vpn.yml
+++ b/host_vars/hellman.fil.sand.auro.re/vpn.yml
@ -0,0 +1,12 @@
+---
+vpn_interfaces:
+  wg0:
+    ip: "{{ interfaces.wg0.ipv4 }}"
+    private_key: "{{ vpn_vault_hellman_key }}"
+    public_key: ""
+    keepalive: true
+    peers:
+    - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
+      public_key: "{{ hostvars['hindley.adh.auro.re'].wg0.public_key }}"
+      allowed_ip: "{{ hostvars['hindley.adh.auro.re'].wg0.ip }}"
+      allowed_mask: "{{ interfaces.wg0.netmaskv4 }}"
--- a/host_vars/hindley.adh.auro.re/networking.yml
+++ b/host_vars/hindley.adh.auro.re/networking.yml
@ -0,0 +1,8 @@
+---
+interfaces:
+  enp2s0:
+    ipv4: "45.66.110.3"
+    netmaskv4: 24
+  wg0:
+    ipv4: "172.20.1.1"
+    netmaskv4: 16
--- a/host_vars/hindley.adh.auro.re/vpn.yml
+++ b/host_vars/hindley.adh.auro.re/vpn.yml
@ -0,0 +1,16 @@
+---
+vpn_interfaces:
+  wg0:
+    ip: "{{ interfaces.wg0.ipv4 }}"
+    private_key: "{{ vpn_vault_hindley_key }}"
+    public_key: ""
+    keepalive: false
+    peers:
+    - endpoint: ""
+      public_key: "{{ hostvars['azerty.fil.sand.auro.re'].wg0.public_key }}"
+      allowed_ip: "{{ hostvars['azerty.fil.sand.auro.re'].wg0.ip }}"
+      allowed_mask: 32
+    - endpoint: ""
+      public_key: "{{ hostvars['hellman.fil.sand.auro.re'].wg0.public_key }}"
+      allowed_ip: "{{ hostvars['hellman.fil.sand.auro.re'].wg0.ip }}"
+      allowed_mask: 32