This commit is contained in:
parent
1663a469c2
commit
b4ee531a81
GPG Key ID:
0F95C140730F2F23
@ -5,7 +5,6 @@
|
|||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
|
|
||||||
- name: install ufw
|
- name: install ufw
|
||||||
apt:
|
apt:
|
||||||
name: ufw
|
name: ufw
|
||||||
@ -80,7 +79,7 @@
|
|||||||
args:
|
args:
|
||||||
creates: "/etc/wireguard/psk-{{item}}"
|
creates: "/etc/wireguard/psk-{{item}}"
|
||||||
when: inventory_hostname < item
|
when: inventory_hostname < item
|
||||||
with_items: "{{groups['serverctl_mesh_nodes']}}"
|
with_items: "{{groups['serverctl_cluster']}}"
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
- name: register preshared key
|
- name: register preshared key
|
||||||
@ -88,7 +87,7 @@
|
|||||||
register: wireguard_preshared_key
|
register: wireguard_preshared_key
|
||||||
changed_when: false
|
changed_when: false
|
||||||
when: inventory_hostname < item
|
when: inventory_hostname < item
|
||||||
with_items: "{{groups['serverctl_mesh_nodes']}}"
|
with_items: "{{groups['serverctl_cluster']}}"
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
- name: message preshared keys
|
- name: message preshared keys
|
||||||
@ -97,7 +96,7 @@
|
|||||||
with_items: "{{wireguard_preshared_key.results}}"
|
with_items: "{{wireguard_preshared_key.results}}"
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
- name: Setup wgserverctl0 device
|
- name: Setup wg0 device
|
||||||
template:
|
template:
|
||||||
src: 'systemd.netdev'
|
src: 'systemd.netdev'
|
||||||
dest: '{{systemd_network_dir}}/99-wg0.netdev'
|
dest: '{{systemd_network_dir}}/99-wg0.netdev'
|
||||||
@ -107,7 +106,7 @@
|
|||||||
become: yes
|
become: yes
|
||||||
notify: systemd network restart
|
notify: systemd network restart
|
||||||
|
|
||||||
- name: Setup wgserverctl0 network
|
- name: Setup wg0 network
|
||||||
template:
|
template:
|
||||||
src: 'systemd.network'
|
src: 'systemd.network'
|
||||||
dest: "{{systemd_network_dir}}/99-wg0.network"
|
dest: "{{systemd_network_dir}}/99-wg0.network"
|
||||||
|
|||||||
@ -7,7 +7,7 @@ Description=WireGuard tunnel wg0
|
|||||||
ListenPort={{ wireguard_port }}
|
ListenPort={{ wireguard_port }}
|
||||||
PrivateKey={{ wireguard_private_key.stdout }}
|
PrivateKey={{ wireguard_private_key.stdout }}
|
||||||
|
|
||||||
{% for peer in groups['serverctl_mesh_nodes'] %}
|
{% for peer in groups['serverctl_cluster'] %}
|
||||||
{% if peer != inventory_hostname %}
|
{% if peer != inventory_hostname %}
|
||||||
|
|
||||||
[WireGuardPeer]
|
[WireGuardPeer]
|
||||||
|
|||||||
@ -5,17 +5,13 @@
|
|||||||
roles:
|
roles:
|
||||||
- role: prereq
|
- role: prereq
|
||||||
- role: download
|
- role: download
|
||||||
|
- role: './wireguard/mesh'
|
||||||
|
|
||||||
- hosts: serverctl_master_hosts
|
- hosts: serverctl_master_hosts
|
||||||
become: yes
|
become: yes
|
||||||
roles:
|
roles:
|
||||||
- role: "./k3s/master"
|
- role: "./k3s/master"
|
||||||
|
|
||||||
- hosts: serverctl_mesh_nodes
|
|
||||||
become: yes
|
|
||||||
gather_facts: yes
|
|
||||||
roles:
|
|
||||||
- role: './wireguard/mesh'
|
|
||||||
|
|
||||||
#- hosts: serverctl_node_hosts
|
#- hosts: serverctl_node_hosts
|
||||||
# become: yes
|
# become: yes
|
||||||
# roles:
|
# roles:
|
||||||
|
|||||||
@ -7,7 +7,7 @@ variable "serverctl_node_count" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
variable "serverctl_mesh_count" {
|
variable "serverctl_mesh_count" {
|
||||||
default = 4
|
default = 0
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_placement_group" "serverctl_master" {
|
resource "hcloud_placement_group" "serverctl_master" {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user