diff options
| author | Trygve Laugstøl <trygvis@inamo.no> | 2023-10-25 15:42:22 +0200 |
|---|---|---|
| committer | Trygve Laugstøl <trygvis@inamo.no> | 2023-10-25 15:42:22 +0200 |
| commit | a5d79d229e89a8c7bab3527ef2097429ee7a308f (patch) | |
| tree | 49e83f99ca7e94cc4b805b662ba1006812ba1c6b /ansible/wg0 | |
| parent | 26f3413597580dab902a224dbbfd4e647eea05bf (diff) | |
| download | infra-a5d79d229e89a8c7bab3527ef2097429ee7a308f.tar.gz infra-a5d79d229e89a8c7bab3527ef2097429ee7a308f.tar.bz2 infra-a5d79d229e89a8c7bab3527ef2097429ee7a308f.tar.xz infra-a5d79d229e89a8c7bab3527ef2097429ee7a308f.zip | |
wg0
Diffstat (limited to 'ansible/wg0')
17 files changed, 101 insertions, 0 deletions
diff --git a/ansible/wg0/files/akili/etc/wireguard/public-wg0.key b/ansible/wg0/files/akili/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..a257ddf --- /dev/null +++ b/ansible/wg0/files/akili/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +VljF7el9SuYTe4RN9ZOSHPHyqWnUM/DSk4kuh29hJR4= diff --git a/ansible/wg0/files/android-trygvis/etc/wireguard/public-wg0.key b/ansible/wg0/files/android-trygvis/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..4ab6833 --- /dev/null +++ b/ansible/wg0/files/android-trygvis/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +9SgKebI72gmwuglEQfSOp3CKrYprUXam6+9BbEPnEkU= diff --git a/ansible/wg0/files/arius/etc/wireguard/public-wg0.key b/ansible/wg0/files/arius/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..a722138 --- /dev/null +++ b/ansible/wg0/files/arius/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +8OOM3+qqdyh3uoI6/1pA+9/ksYwNB7jUk9HZx13zsS0= diff --git a/ansible/wg0/files/astyanax/etc/wireguard/public-wg0.key b/ansible/wg0/files/astyanax/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..62eb9b6 --- /dev/null +++ b/ansible/wg0/files/astyanax/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +CnfTr3NGymPlOKzWeaUXutxaIFKRDpREx3XI40rUr2U= diff --git a/ansible/wg0/files/birgitte/etc/wireguard/public-wg0.key b/ansible/wg0/files/birgitte/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..d595dff --- /dev/null +++ b/ansible/wg0/files/birgitte/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +r/eymAwM7HDSJkkWSY2Ec7A+F8AQ7tuL0drD/OI1LyM= diff --git a/ansible/wg0/files/conflatorio/etc/wireguard/public-wg0.key b/ansible/wg0/files/conflatorio/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..f4cc915 --- /dev/null +++ b/ansible/wg0/files/conflatorio/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +170TWFqJLCfkw48ddLLnx7zWAo1qpx/AQf8Dar8mSXY= diff --git a/ansible/wg0/files/hash/etc/wireguard/public-wg0.key b/ansible/wg0/files/hash/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..b7736d6 --- /dev/null +++ b/ansible/wg0/files/hash/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +mqWUWuINT47LoIxYHNrtdvE91nBZeqGaRfwAK1rTPHw= diff --git a/ansible/wg0/files/knot/etc/wireguard/public-wg0.key b/ansible/wg0/files/knot/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..8caf3db --- /dev/null +++ b/ansible/wg0/files/knot/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +cuUgTdFH1UEXpUH6V1nashdH7K/L+pl6dmJCpBWN+Xw= diff --git a/ansible/wg0/files/kv24ix/etc/wireguard/public-wg0.key b/ansible/wg0/files/kv24ix/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..99eceda --- /dev/null +++ b/ansible/wg0/files/kv24ix/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +2J8R/Yg5HWyG/aGOmoCXnbuoPUHzhDxAOeckfnBarW0= diff --git a/ansible/wg0/files/lhn2ix/etc/wireguard/public-wg0.key b/ansible/wg0/files/lhn2ix/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..588621e --- /dev/null +++ b/ansible/wg0/files/lhn2ix/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +qGGsJvvaZWjyjATnPKq/4rpCseuuqiWnS3qSpTntl04= diff --git a/ansible/wg0/files/lhn2pi/etc/wireguard/public-wg0.key b/ansible/wg0/files/lhn2pi/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..df1ce0a --- /dev/null +++ b/ansible/wg0/files/lhn2pi/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +Flf2BKoYAvE4oZc/+l0sn4GldkI/lKXObrJXdBpvakI= diff --git a/ansible/wg0/files/malabaricus/etc/wireguard/public-wg0.key b/ansible/wg0/files/malabaricus/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..6104a9a --- /dev/null +++ b/ansible/wg0/files/malabaricus/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +LjvdPrpPeXyj8qIYgiKkrt7A6C+VmwKgjxYmpr5Jtg0= diff --git a/ansible/wg0/files/sweetzpot-macos/etc/wireguard/public-wg0.key b/ansible/wg0/files/sweetzpot-macos/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..ea56ab1 --- /dev/null +++ b/ansible/wg0/files/sweetzpot-macos/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +815EbcmtSqL9Fr6SdvfeL6/BLjDBAJDPsV/lnxeWmG0= diff --git a/ansible/wg0/files/sweetzpot-mobile/etc/wireguard/public-wg0.key b/ansible/wg0/files/sweetzpot-mobile/etc/wireguard/public-wg0.key new file mode 100644 index 0000000..73c8ae8 --- /dev/null +++ b/ansible/wg0/files/sweetzpot-mobile/etc/wireguard/public-wg0.key @@ -0,0 +1 @@ +EQhaAO3krXKwugH0gdWEd/VjtsxXVWg0osNi5Ia6KDs= diff --git a/ansible/wg0/group_vars/all/wireguard_wg0.yml b/ansible/wg0/group_vars/all/wireguard_wg0.yml new file mode 100644 index 0000000..931b0ae --- /dev/null +++ b/ansible/wg0/group_vars/all/wireguard_wg0.yml @@ -0,0 +1,65 @@ +wireguard_wg0: + if: wg0 + ipv4_prefix: 24 + ipv6_prefix: 64 + hosts: + knot: + endpoint: trygvis.io + listen_port: 51821 + peers: all + # Generated by https://www.ultratools.com/tools/rangeGenerator + ipv6: fdf3:aad9:a885:0b3a::1 + allowed_ips: + - ::/0 + birgitte: + state: absent + ipv4: 192.168.60.2 + ipv6: fdf3:aad9:a885:0b3a::2 + conflatorio: + state: absent + ipv6: fdf3:aad9:a885:0b3a::3 + arius: + state: present + ipv6: fdf3:aad9:a885:0b3a::6 + akili: + state: present + ipv6: fdf3:aad9:a885:0b3a::7 + allowed_ips: + - fdf3:aad9:a885:ba64::/64 + malabaricus: + state: absent + ipv6: fdf3:aad9:a885:0b3a::8 + sweetzpot-mobile: + state: present + ipv6: fdf3:aad9:a885:0b3a::9 + astyanax: + state: present + ipv6: fdf3:aad9:a885:0b3a::10 + allowed_ips: + - fdf3:aad9:a885:ba65::/64 + sweetzpot-macos: + state: present + ipv6: fdf3:aad9:a885:0b3a::11 + android-trygvis: + state: absent + ipv6: fdf3:aad9:a885:0b3a::12 + hash: + endpoint: hash.trygvis.io + listen_port: 51821 + peers: all + ipv6: fdf3:aad9:a885:0b3a::13 + allowed_ips: + - fdf3:aad9:a885:ab76::/64 + lhn2pi: + state: present + ipv6: fdf3:aad9:a885:0b3a::14 + lhn2ix: + state: present + ipv6: fdf3:aad9:a885:0b3a::15 + allowed_ips: + - fdf3:aad9:a885:77dd::/64 + kv24ix: + state: present + ipv6: fdf3:aad9:a885:0b3a::16 + allowed_ips: + - fdf3:aad9:a885:b22d::/64 diff --git a/ansible/wg0/wireguard-wg0-terraform.yml b/ansible/wg0/wireguard-wg0-terraform.yml new file mode 100644 index 0000000..33b4b47 --- /dev/null +++ b/ansible/wg0/wireguard-wg0-terraform.yml @@ -0,0 +1,17 @@ +- hosts: localhost + connection: local + tasks: + - tags: terraform + copy: + dest: ../../terraform/dns/vpn.tf + content: | + # Generated from ansible data + {% for host, data in wireguard_wg0.hosts.items() %} + resource "linode_domain_record" "vpn-{{ host }}" { + domain_id = linode_domain.root.id + name = "{{ host }}.vpn" + record_type = "AAAA" + target = "{{ data.ipv6 }}" + } + {% endfor %} + diff --git a/ansible/wg0/wireguard-wg0.yml b/ansible/wg0/wireguard-wg0.yml new file mode 100644 index 0000000..a6f6653 --- /dev/null +++ b/ansible/wg0/wireguard-wg0.yml @@ -0,0 +1,5 @@ +- hosts: + - wireguard_wg0 + roles: + - role: wireguard + wireguard__name: wireguard_wg0 |