kjuulh/serverctl
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

Add homeserver to infra
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Kasper Juul Hermansen
2022-02-24 21:36:07 +01:00
parent 9eaca5ae11
commit 5c9f96be8e
13 changed files with 171 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev
View File

@@ -1,20 +1,22 @@
[NetDev]
Name=wg0
Name=serverctl-wg0
Kind=wireguard
Description=WireGuard tunnel wg0
Description=WireGuard tunnel serverctl-wg0
[WireGuard]
ListenPort={{ wireguard_port }}
PrivateKey={{ wireguard_private_key.stdout }}
{% for peer in groups['serverctl_cluster'] %}
{% for peer in groups['serverctl_super_cluster'] %}
{% if peer != inventory_hostname %}
[WireGuardPeer]
PublicKey={{ hostvars[peer].wireguard_public_key.stdout }}
PresharedKey={{ wireguard_preshared_keys[peer] if inventory_hostname < peer else hostvars[peer].wireguard_preshared_keys[inventory_hostname] }}
AllowedIPs={{ hostvars[peer].wireguard_ip }}/32
{% if not hostvars[peer].client_server %}
Endpoint={{ hostvars[peer].ansible_host }}:{{ wireguard_port }}
PersistentKeepalive=25
{% endif %}
{% endif %}
{% endfor %}

2
infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.network
View File

@@ -1,5 +1,5 @@
[Match]
Name=wg0
Name=serverctl-wg0
[Network]
Address={{ wireguard_ip }}/{{ wireguard_mask_bits }}