21 lines
418 B
YAML
21 lines
418 B
YAML
|
---
|
||
|
wireguard_endpoints:
|
||
|
- name: ovh
|
||
|
addrs:
|
||
|
- 10.132.0.252/16
|
||
|
listen_port: 5412
|
||
|
private_key: "{{ vault_wireguard_secrets.gs_ovh.private }}"
|
||
|
peers:
|
||
|
- public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"
|
||
|
allowed_addrs:
|
||
|
- 10.132.0.0/16
|
||
|
|
||
|
nftables_basic_input_rules:
|
||
|
- proto: tcp
|
||
|
port: 22
|
||
|
verdict: accept
|
||
|
- proto: udp
|
||
|
port: 5412
|
||
|
verdict: accept
|
||
|
...
|