25 lines
569 B
YAML
25 lines
569 B
YAML
---
|
|
wireguard_endpoints:
|
|
- name: saclay
|
|
addrs:
|
|
- 192.168.0.1/28
|
|
listen_port: 5412
|
|
private_key: "{{ vault_wireguard_secrets.ovh.private }}"
|
|
peers:
|
|
- public_key: "{{ vault_wireguard_secrets.gs.public }}"
|
|
allowed_addrs:
|
|
- 192.168.0.2/32
|
|
keepalive: 5
|
|
- public_key: "{{ vault_wireguard_secrets.edc.public }}"
|
|
allowed_addrs:
|
|
- 192.168.0.3/32
|
|
keepalive: 5
|
|
|
|
nftables_basic_input_rules:
|
|
- proto: tcp
|
|
port: 22
|
|
verdict: accept
|
|
- proto: udp
|
|
port: 5412
|
|
verdict: accept
|
|
...
|