From fa4cec585552b17349c2cf893b298c51ee380e01 Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau
Date: Thu, 22 Apr 2021 21:44:40 +0200
Subject: [PATCH] add networking variable
---
group_vars/all/vpn.yml | 3 +++
host_vars/azerty.fil.sand.auro.re/networking.yml | 8 ++++++++
host_vars/azerty.fil.sand.auro.re/vpn.yml | 12 ++++++++++++
.../hellman.fil.sand.auro.re/networking.yml | 8 ++++++++
host_vars/hellman.fil.sand.auro.re/vpn.yml | 12 ++++++++++++
host_vars/hindley.adh.auro.re/networking.yml | 8 ++++++++
host_vars/hindley.adh.auro.re/vpn.yml | 16 ++++++++++++++++
7 files changed, 67 insertions(+)
create mode 100644 group_vars/all/vpn.yml
create mode 100644 host_vars/azerty.fil.sand.auro.re/networking.yml
create mode 100644 host_vars/azerty.fil.sand.auro.re/vpn.yml
create mode 100644 host_vars/hellman.fil.sand.auro.re/networking.yml
create mode 100644 host_vars/hellman.fil.sand.auro.re/vpn.yml
create mode 100644 host_vars/hindley.adh.auro.re/networking.yml
create mode 100644 host_vars/hindley.adh.auro.re/vpn.yml
diff --git a/group_vars/all/vpn.yml b/group_vars/all/vpn.yml
new file mode 100644
index 0000000..f3669b7
--- /dev/null
+++ b/group_vars/all/vpn.yml
@@ -0,0 +1,3 @@
+---
+vpn_port: 51820
+vpn_keepalive_period: 25
diff --git a/host_vars/azerty.fil.sand.auro.re/networking.yml b/host_vars/azerty.fil.sand.auro.re/networking.yml
new file mode 100644
index 0000000..f9cf0a7
--- /dev/null
+++ b/host_vars/azerty.fil.sand.auro.re/networking.yml
@@ -0,0 +1,8 @@
+---
+interfaces:
+ enp0s25:
+ ipv4: "10.50.1.221"
+ netmaskv4: 16
+ wg0:
+ ipv4: "172.20.1.2"
+ netmaskv4: 16
diff --git a/host_vars/azerty.fil.sand.auro.re/vpn.yml b/host_vars/azerty.fil.sand.auro.re/vpn.yml
new file mode 100644
index 0000000..cba6110
--- /dev/null
+++ b/host_vars/azerty.fil.sand.auro.re/vpn.yml
@@ -0,0 +1,12 @@
+---
+vpn_interfaces:
+ wg0:
+ ip: "{{ interfaces.wg0.ipv4 }}"
+ private_key: "{{ vpn_vault_azerty_key }}"
+ public_key: ""
+ keepalive: true
+ peers:
+ - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
+ public_key: "{{ hostvars['hindley.adh.auro.re'].wg0.public_key }}"
+ allowed_ip: "{{ hostvars['hindley.adh.auro.re'].wg0.ip }}"
+ allowed_mask: "{{ interfaces.wg0.netmaskv4 }}"
diff --git a/host_vars/hellman.fil.sand.auro.re/networking.yml b/host_vars/hellman.fil.sand.auro.re/networking.yml
new file mode 100644
index 0000000..2083c66
--- /dev/null
+++ b/host_vars/hellman.fil.sand.auro.re/networking.yml
@@ -0,0 +1,8 @@
+---
+interfaces:
+ vmbr0:
+ ipv4: "10.50.2.17"
+ netmaskv4: 16
+ wg0:
+ ipv4: "172.20.1.3"
+ netmaskv4: 16
diff --git a/host_vars/hellman.fil.sand.auro.re/vpn.yml b/host_vars/hellman.fil.sand.auro.re/vpn.yml
new file mode 100644
index 0000000..e555d93
--- /dev/null
+++ b/host_vars/hellman.fil.sand.auro.re/vpn.yml
@@ -0,0 +1,12 @@
+---
+vpn_interfaces:
+ wg0:
+ ip: "{{ interfaces.wg0.ipv4 }}"
+ private_key: "{{ vpn_vault_hellman_key }}"
+ public_key: ""
+ keepalive: true
+ peers:
+ - endpoint: "{{ hostvars['hindley.adh.auro.re'].enp2s0.ipv4 }}"
+ public_key: "{{ hostvars['hindley.adh.auro.re'].wg0.public_key }}"
+ allowed_ip: "{{ hostvars['hindley.adh.auro.re'].wg0.ip }}"
+ allowed_mask: "{{ interfaces.wg0.netmaskv4 }}"
diff --git a/host_vars/hindley.adh.auro.re/networking.yml b/host_vars/hindley.adh.auro.re/networking.yml
new file mode 100644
index 0000000..8eb57ba
--- /dev/null
+++ b/host_vars/hindley.adh.auro.re/networking.yml
@@ -0,0 +1,8 @@
+---
+interfaces:
+ enp2s0:
+ ipv4: "45.66.110.3"
+ netmaskv4: 24
+ wg0:
+ ipv4: "172.20.1.1"
+ netmaskv4: 16
diff --git a/host_vars/hindley.adh.auro.re/vpn.yml b/host_vars/hindley.adh.auro.re/vpn.yml
new file mode 100644
index 0000000..483522d
--- /dev/null
+++ b/host_vars/hindley.adh.auro.re/vpn.yml
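Review bot: The three `hostvars['hindley.adh.auro.re']` lookups under `peers` in host_vars/azerty.fil.sand.auro.re/vpn.yml do not match where this commit defines the values. Addresses are nested under `interfaces` in networking.yml and the WireGuard settings under `vpn_interfaces` in vpn.yml, so `.enp2s0.ipv4`, `.wg0.public_key` and `.wg0.ip` will be undefined at templating time unless something outside this patch defines top-level `enp2s0` and `wg0` variables. The lookups should read `hostvars['hindley.adh.auro.re'].interfaces.enp2s0.ipv4`, `hostvars['hindley.adh.auro.re'].vpn_interfaces.wg0.public_key` and `hostvars['hindley.adh.auro.re'].vpn_interfaces.wg0.ip`. The same mismatch is in the peer entries of host_vars/hellman.fil.sand.auro.re/vpn.yml and host_vars/hindley.adh.auro.re/vpn.yml.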
@@ -0,0 +1,16 @@
+---
+vpn_interfaces:
+ wg0:
+ ip: "{{ interfaces.wg0.ipv4 }}"
+ private_key: "{{ vpn_vault_hindley_key }}"
+ public_key: ""
+ keepalive: false
+ peers:
+ - endpoint: ""
+ public_key: "{{ hostvars['azerty.fil.sand.auro.re'].wg0.public_key }}"
+ allowed_ip: "{{ hostvars['azerty.fil.sand.auro.re'].wg0.ip }}"
+ allowed_mask: 32
+ - endpoint: ""
+ public_key: "{{ hostvars['hellman.fil.sand.auro.re'].wg0.public_key }}"
+ allowed_ip: "{{ hostvars['hellman.fil.sand.auro.re'].wg0.ip }}"
+ allowed_mask: 32
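Review bot: `public_key: ""` on `wg0` in host_vars/hindley.adh.auro.re/vpn.yml publishes an empty key for the hub, and the azerty and hellman vpn.yml files do the same, so any peer `public_key` lookup that points at these entries can only yield an empty string. WireGuard identifies and authenticates each peer by its public key, so an empty value should be treated as a configuration error rather than rendered into the interface config. Either commit each host's real public key here (it is not secret, unlike the vaulted `private_key`), or, if the consuming role derives it from the private key (the role is not visible in this patch), say so with a comment such as `# filled in by the vpn role from private_key`. Keeping `allowed_mask: 32` per spoke is the right scope for the hub, since it limits each peer to its own tunnel address.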