From f1605415fe48ca8725e4b0ba15fb00e1c023d09d Mon Sep 17 00:00:00 2001
From: Jeltz
Date: Sat, 20 Feb 2021 21:03:35 +0100
Subject: [PATCH] Configure endpoints + "point-to-point" network
---
 host_vars/vpn-ng.adm.auro.re.yml | 6 +++++-
 host_vars/vpn-ovh-ng.auro.re.yml | 5 ++++-
 2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/host_vars/vpn-ng.adm.auro.re.yml b/host_vars/vpn-ng.adm.auro.re.yml
index ce66045..8fd394f 100644
--- a/host_vars/vpn-ng.adm.auro.re.yml
+++ b/host_vars/vpn-ng.adm.auro.re.yml
@@ -2,13 +2,17 @@
 wireguard_endpoints:
 - name: ovh
 addrs:
- - 10.132.0.252/16
+ - 192.168.0.1/24
 listen_port: 5412
 private_key: "{{ vault_wireguard_secrets.gs_ovh.private }}"
 peers:
 - public_key: "{{ vault_wireguard_secrets.ovh_gs.public }}"
 allowed_addrs:
+ - 192.168.0.0/24
+ - 10.128.0.0/16
 - 10.132.0.0/16
+ keepalive: 30
+ endpoint: 92.222.211.198:5412
 nftables_basic_input_rules:
 - proto: tcp
diff --git a/host_vars/vpn-ovh-ng.auro.re.yml b/host_vars/vpn-ovh-ng.auro.re.yml
index cee0205..2f17029 100644
--- a/host_vars/vpn-ovh-ng.auro.re.yml
+++ b/host_vars/vpn-ovh-ng.auro.re.yml
@@ -2,13 +2,16 @@
 wireguard_endpoints:
 - name: gs
 addrs:
- - 10.128.0.225/16
+ - 192.168.0.2/24
 listen_port: 5412
 private_key: "{{ vault_wireguard_secrets.ovh_gs.private }}"
 peers:
 - public_key: "{{ vault_wireguard_secrets.gs_ovh.public }}"
 allowed_addrs:
+ - 192.168.0.0/24
 - 10.128.0.0/16
+ - 10.132.0.0/16
+ keepalive: 30
 nftables_basic_input_rules:
 - proto: tcp
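Review bot: In host_vars/vpn-ng.adm.auro.re.yml the peer's `allowed_addrs` now lists `192.168.0.0/24`, `10.128.0.0/16` and `10.132.0.0/16`, and the host_vars/vpn-ovh-ng.auro.re.yml hunk ends up with the identical list, so each end accepts from the tunnel a /16 that is presumably its own site. WireGuard uses this list both as the inbound source filter and as the outbound peer selector, so a list wider than what really sits behind the peer lets the remote end deliver packets carrying local-site source addresses, and may pull local traffic into the tunnel if the role installs routes from it. I would keep on each side only the prefix that is behind the other host and narrow the link entry to the peer's tunnel address, e.g. `- 192.168.0.2/32` here and `- 192.168.0.1/32` in the other file. Which /16 belongs to which site is not visible in the patch, so this needs checking against the addressing plan.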
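Review bot: In host_vars/vpn-ovh-ng.auro.re.yml the peer gets `keepalive: 30` but no `endpoint`, so this host never dials out and only answers the address the other side last completed a handshake from. Persistent keepalive is normally needed on the end that sits behind NAT or a stateful firewall (apparently vpn-ng, which is given `endpoint: 92.222.211.198:5412` in the first hunk); on the publicly reachable end it mostly adds periodic traffic. If it is intentional, a comment above the line such as `# keep the session warm while the gs side is behind NAT` would record why; otherwise I would drop it here. The `nftables_basic_input_rules` list continues outside the hunk, so whether UDP 5412 is restricted to the expected peer cannot be judged from this patch.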