aboutsummaryrefslogtreecommitdiff
path: root/ansible/plays
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/plays')
-rw-r--r--ansible/plays/files/wireguard/vs0/birgitte.pub1
-rw-r--r--ansible/plays/files/wireguard/vs0/vimscore-1.pub1
-rw-r--r--ansible/plays/files/wireguard/vs0/vimscore-2.pub1
-rw-r--r--ansible/plays/files/wireguard/vs0/vimscore-3.pub1
-rw-r--r--ansible/plays/wireguard-vs0.yml74
5 files changed, 78 insertions, 0 deletions
diff --git a/ansible/plays/files/wireguard/vs0/birgitte.pub b/ansible/plays/files/wireguard/vs0/birgitte.pub
new file mode 100644
index 0000000..fcc93c3
--- /dev/null
+++ b/ansible/plays/files/wireguard/vs0/birgitte.pub
@@ -0,0 +1 @@
+NBTz38oefUN5Thj7kwcL91fV7HL+xf6iju5/AgR2bC0=
diff --git a/ansible/plays/files/wireguard/vs0/vimscore-1.pub b/ansible/plays/files/wireguard/vs0/vimscore-1.pub
new file mode 100644
index 0000000..ed7da6a
--- /dev/null
+++ b/ansible/plays/files/wireguard/vs0/vimscore-1.pub
@@ -0,0 +1 @@
+5upofMGG4o7GO1fMYIUye/QImQwEJBXIlAMaH8QzzBk=
diff --git a/ansible/plays/files/wireguard/vs0/vimscore-2.pub b/ansible/plays/files/wireguard/vs0/vimscore-2.pub
new file mode 100644
index 0000000..45d1586
--- /dev/null
+++ b/ansible/plays/files/wireguard/vs0/vimscore-2.pub
@@ -0,0 +1 @@
+rDEwWC433PMoQtyORPrXD4bHiuTobvbqjYYUtATiWgY=
diff --git a/ansible/plays/files/wireguard/vs0/vimscore-3.pub b/ansible/plays/files/wireguard/vs0/vimscore-3.pub
new file mode 100644
index 0000000..f1503a5
--- /dev/null
+++ b/ansible/plays/files/wireguard/vs0/vimscore-3.pub
@@ -0,0 +1 @@
+gnbNb32q7t9oFU801ASfx7hi3IzbPYP/b/jpNYmiuHg=
diff --git a/ansible/plays/wireguard-vs0.yml b/ansible/plays/wireguard-vs0.yml
new file mode 100644
index 0000000..04eee72
--- /dev/null
+++ b/ansible/plays/wireguard-vs0.yml
@@ -0,0 +1,74 @@
+- hosts:
+ - akili
+ - birgitte
+ roles:
+ - role: wireguard2
+ wireguard_if: vs0
+ wireguard_listen_port: 45364
+ wireguard_address4: "{{ networks[ansible_hostname].address }}"
+
+ networks:
+ vimscore-1:
+ address: 192.168.137.1/24
+ network: 10.137.1.0
+ prefix: 24
+ vimscore-2:
+ address: 192.168.137.2/24
+ network: 10.137.2.0
+ prefix: 24
+ vimscore-3:
+ address: 192.168.137.3/24
+ network: 10.137.3.0
+ prefix: 24
+ akili:
+ address: 192.168.137.4/24
+ network: 10.137.4.0
+ prefix: 24
+ birgitte:
+ address: 192.168.137.5/24
+ network: 10.137.5.0
+ prefix: 24
+
+ wireguard_routers:
+ - gateway: "{{ networks['vimscore-1'].address }}"
+ network: "{{ networks['vimscore-1'].network }}/{{ networks['vimscore-1'].prefix }}"
+ state: "{{ 'absent' if ansible_hostname == 'vimscore-1' else 'present' }}"
+ - gateway: "{{ networks['vimscore-2'].address }}"
+ network: "{{ networks['vimscore-2'].network }}/{{ networks['vimscore-2'].prefix }}"
+ state: "{{ 'absent' if ansible_hostname == 'vimscore-2' else 'present' }}"
+ - gateway: "{{ networks['vimscore-3'].address }}"
+ network: "{{ networks['vimscore-3'].network }}/{{ networks['vimscore-3'].prefix }}"
+ state: "{{ 'absent' if ansible_hostname == 'vimscore-3' else 'present' }}"
+ - gateway: "{{ networks['akili'].address }}"
+ network: "{{ networks['akili'].network }}/{{ networks['akili'].prefix }}"
+ state: "{{ 'absent' if ansible_hostname == 'akili' else 'present' }}"
+ - gateway: "{{ networks['birgitte'].address }}"
+ network: "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"
+ state: "{{ 'absent' if ansible_hostname == 'birgitte' else 'present' }}"
+
+ wireguard_peers:
+ vimscore-1:
+ endpoint: vimscore-1.vimscore.com
+ allowed_ips:
+ - "{{ networks['vimscore-1'].address | ipaddr('address') }}/32"
+ - "{{ networks['vimscore-1'].network }}/{{ networks['vimscore-1'].prefix }}"
+ vimscore-2:
+ endpoint: vimscore-2.vimscore.com
+ allowed_ips:
+ - "{{ networks['vimscore-2'].address | ipaddr('address') }}/32"
+ - "{{ networks['vimscore-2'].network }}/{{ networks['vimscore-2'].prefix }}"
+ vimscore-3:
+ endpoint: vimscore-3.vimscore.com
+ allowed_ips:
+ - "{{ networks['vimscore-3'].address | ipaddr('address') }}/32"
+ - "{{ networks['vimscore-3'].network }}/{{ networks['vimscore-3'].prefix }}"
+ akili:
+ public_key: UZc6XKf9ULUbBc4CI01DdCdyuj+lHvc1NQRhGJH/TE4=
+ allowed_ips:
+ - "{{ networks['akili'].address | ipaddr('address') }}/32"
+ - "{{ networks['akili'].network }}/{{ networks['akili'].prefix }}"
+ birgitte:
+ public_key: NBTz38oefUN5Thj7kwcL91fV7HL+xf6iju5/AgR2bC0=
+ allowed_ips:
+ - "{{ networks['birgitte'].address | ipaddr('address') }}/32"
+ - "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"