diff --git a/infrastructure/create-resources/ansible/roles/wireguard/mesh/tasks/main.yml b/infrastructure/create-resources/ansible/roles/wireguard/mesh/tasks/main.yml index f96cf18..c32d524 100644 --- a/infrastructure/create-resources/ansible/roles/wireguard/mesh/tasks/main.yml +++ b/infrastructure/create-resources/ansible/roles/wireguard/mesh/tasks/main.yml @@ -5,7 +5,6 @@ cache_valid_time: 3600 become: yes - - name: install ufw apt: name: ufw @@ -80,7 +79,7 @@ args: creates: "/etc/wireguard/psk-{{item}}" when: inventory_hostname < item - with_items: "{{groups['serverctl_mesh_nodes']}}" + with_items: "{{groups['serverctl_cluster']}}" become: yes - name: register preshared key @@ -88,7 +87,7 @@ register: wireguard_preshared_key changed_when: false when: inventory_hostname < item - with_items: "{{groups['serverctl_mesh_nodes']}}" + with_items: "{{groups['serverctl_cluster']}}" become: yes - name: message preshared keys @@ -97,7 +96,7 @@ with_items: "{{wireguard_preshared_key.results}}" become: yes -- name: Setup wgserverctl0 device +- name: Setup wg0 device template: src: 'systemd.netdev' dest: '{{systemd_network_dir}}/99-wg0.netdev' @@ -107,7 +106,7 @@ become: yes notify: systemd network restart -- name: Setup wgserverctl0 network +- name: Setup wg0 network template: src: 'systemd.network' dest: "{{systemd_network_dir}}/99-wg0.network" diff --git a/infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev b/infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev index 53d16ca..6b44b83 100644 --- a/infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev +++ b/infrastructure/create-resources/ansible/roles/wireguard/mesh/templates/systemd.netdev 
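Review bot: In tasks/main.yml, the preshared-key tasks whose loops now run over `groups['serverctl_cluster']` (the hunks at old lines 80 and 88) show no `no_log: true`, and the following `message preshared keys` task loops over `wireguard_preshared_key.results`, so each loop item Ansible prints would presumably carry the key material that was registered. Both tasks begin outside their hunks, so this may already be set above the visible lines; if it is not, add `no_log: true` to the register task and to every task that iterates its results. With the wider group, every cluster host now takes part in this loop, which increases how many keys can end up in run output or callback logs. A comment next to `when: inventory_hostname < item` saying that only the lexically smaller host of each pair creates the key, and how the other peer obtains it, would also help.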
@@ -7,7 +7,7 @@ Description=WireGuard tunnel wg0 ListenPort={{ wireguard_port }} PrivateKey={{ wireguard_private_key.stdout }} -{% for peer in groups['serverctl_mesh_nodes'] %} +{% for peer in groups['serverctl_cluster'] %} {% if peer != inventory_hostname %} [WireGuardPeer] diff --git a/infrastructure/create-resources/ansible/site.yml b/infrastructure/create-resources/ansible/site.yml index 0b62540..1281058 100644 --- a/infrastructure/create-resources/ansible/site.yml +++ b/infrastructure/create-resources/ansible/site.yml @@ -5,17 +5,13 @@ roles: - role: prereq - role: download + - role: './wireguard/mesh' + - hosts: serverctl_master_hosts become: yes roles: - role: "./k3s/master" -- hosts: serverctl_mesh_nodes - become: yes - gather_facts: yes - roles: - - role: './wireguard/mesh' - #- hosts: serverctl_node_hosts # become: yes # roles: diff --git a/infrastructure/create-resources/hcloud.tf b/infrastructure/create-resources/hcloud.tf index 493073d..f1a3c7f 100644 --- a/infrastructure/create-resources/hcloud.tf +++ b/infrastructure/create-resources/hcloud.tf @@ -7,7 +7,7 @@ variable "serverctl_node_count" { } variable "serverctl_mesh_count" { - default = 4 + default = 0 } resource "hcloud_placement_group" "serverctl_master" {
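Review bot: The peer loop in systemd.netdev now iterates `groups['serverctl_cluster']`, but the `[WireGuardPeer]` body continues outside the hunk, so it is not visible whether every host in that group has the registered values the section reads. A host that is in the group but was skipped or unreachable in the run would presumably fail the render or yield an incomplete peer entry. Consider an `assert` task before the template that checks those values are defined for each peer. Separately, the context line `PrivateKey={{ wireguard_private_key.stdout }}` writes the private key into the rendered `99-wg0.netdev`. The template task's `mode`/`owner` lines are not shown in the main.yml hunks, so confirm the file is not world-readable, or switch to `PrivateKeyFile=` pointing at a key file readable only by root and the `systemd-network` group.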
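Review bot: In site.yml, `./wireguard/mesh` now runs in the first play, whose `hosts:` line is above the hunk, while the role's loops and template iterate `groups['serverctl_cluster']`. If that play targets anything other than exactly this group, some hosts will either list peers that never ran the role or run the role without being listed as a peer by the others. The removed play also set `gather_facts: yes` explicitly, and whether the first play gathers facts is not visible here. A comment above the role entry such as `# must target the same hosts as groups['serverctl_cluster'] (wireguard/mesh peers)` would make the coupling explicit. The new entry also uses single quotes where the neighbouring `"./k3s/master"` uses double quotes.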
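Review bot: In hcloud.tf, `serverctl_mesh_count` now defaults to 0, and the Ansible side of this commit no longer references `serverctl_mesh_nodes`, so the variable looks like it may be dead after this change. If a resource outside this hunk still uses it as a `count`, the next apply against state built with the old default of 4 would plan those servers for destruction, which deserves a line in the commit message. Either remove the variable together with the resources that use it, or give it `type = number` and a `description` saying the separate mesh pool is disabled by default.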