---
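# WireGuard tunnels for this host, one list entry per tunnel.
# NOTE(review): the page lost the original indentation; the nesting below
# follows WireGuard's interface/peer split - confirm against the consuming role.
wireguard_endpoints:
  - name: ovh
    # Local tunnel address; a /31 holds exactly this host and its peer.
    addr: 192.168.0.0/31
    # Templated from vault_wireguard_secrets, so no key material is stored in
    # this file (presumably an Ansible Vault variable - confirm).
    private_key: "{{ vault_wireguard_secrets.gs.private }}"
    peer:
      public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"
      # WireGuard uses the allowed addresses both as routes and as the source
      # filter for decrypted traffic, so the peer may send from any address in
      # these ranges. Keep the /16 only if that whole range sits behind the peer.
      allowed_addrs:
        - 192.168.0.1/32
        - 10.132.0.0/16
      # presumably seconds between keepalive packets - confirm in the role
      keepalive: 5
      # Quoted so the host:port value always loads as a string, whatever the
      # YAML loader's implicit typing rules are.
      endpoint: '92.222.211.198:5412'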
# Inbound allow rules for this host's firewall.
# As written, neither rule restricts the source address.
nftables_basic_input_rules:
  # SSH: reachable from any source unless another rule narrows it. Where the
  # role supports a source filter, limit this to the management networks.
  - proto: tcp
    port: 22
    verdict: accept
  # UDP 5412 is the same port number as the WireGuard peer endpoint in this
  # file; presumably also the local listen port - confirm.
  - proto: udp
    port: 5412
    verdict: accept
...