diff options
Diffstat (limited to 'tnet')
-rw-r--r-- | tnet/host_vars/akili/tnet.yml | 4 | ||||
-rw-r--r-- | tnet/host_vars/hash/tnet.yml | 5 | ||||
-rw-r--r-- | tnet/host_vars/knot/tnet.yml | 5 | ||||
-rw-r--r-- | tnet/keys/wg-akili-hash.pub | 2 | ||||
-rw-r--r-- | tnet/keys/wg-akili-hash.sops.key | 12 | ||||
-rw-r--r-- | tnet/keys/wg-akili-knot.pub | 2 | ||||
-rw-r--r-- | tnet/keys/wg-akili-knot.sops.key | 12 | ||||
-rw-r--r-- | tnet/keys/wg-hash-akili.pub | 1 | ||||
-rw-r--r-- | tnet/keys/wg-hash-akili.sops.key | 28 | ||||
-rw-r--r-- | tnet/keys/wg-knot-akili.pub | 1 | ||||
-rw-r--r-- | tnet/keys/wg-knot-akili.sops.key | 28 | ||||
-rw-r--r-- | tnet/wg-links-link.yml | 8 | ||||
-rw-r--r-- | tnet/wg-links.yml | 13 |
13 files changed, 95 insertions, 26 deletions
diff --git a/tnet/host_vars/akili/tnet.yml b/tnet/host_vars/akili/tnet.yml index 56dce60..b12cc96 100644 --- a/tnet/host_vars/akili/tnet.yml +++ b/tnet/host_vars/akili/tnet.yml @@ -1,3 +1,7 @@ tnet_links: hash: + endpoint: hash.trygvis.io:51002 + address: fdb1:4242:3538:ffff:ca85:f812:3935:5fbb knot: + endpoint: knot.inamo.no:51004 + address: fdb1:4242:3538:ffff:59d7:cf77:8b5d:761a diff --git a/tnet/host_vars/hash/tnet.yml b/tnet/host_vars/hash/tnet.yml index d7e1e32..8246dfd 100644 --- a/tnet/host_vars/hash/tnet.yml +++ b/tnet/host_vars/hash/tnet.yml @@ -1,5 +1,8 @@ tnet_links: knot: port: 51001 + endpoint: knot.trygvis.io:51001 address: fdb1:4242:3538:ffff:410b:dabe:1a0d:6843 - remote: knot.trygvis.io:51001 + akili: + port: 51002 + address: fdb1:4242:3538:ffff:ca85:f812:3935:5fba diff --git a/tnet/host_vars/knot/tnet.yml b/tnet/host_vars/knot/tnet.yml index a7cca59..4c30fb5 100644 --- a/tnet/host_vars/knot/tnet.yml +++ b/tnet/host_vars/knot/tnet.yml @@ -1,11 +1,14 @@ tnet_links: hash: port: 51001 + endpoint: hash.trygvis.io:51001 address: fdb1:4242:3538:ffff:410b:dabe:1a0d:6842 - remote: hash.trygvis.io:51001 lhn2ix: port: 51002 address: fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a kv24ix: port: 51003 address: fdb1:4242:3538:ffff:ea4:11cb:863:5252 + akili: + port: 51004 + address: fdb1:4242:3538:ffff:59d7:cf77:8b5d:761a diff --git a/tnet/keys/wg-akili-hash.pub b/tnet/keys/wg-akili-hash.pub index 2b641c1..54c4a15 100644 --- a/tnet/keys/wg-akili-hash.pub +++ b/tnet/keys/wg-akili-hash.pub @@ -1 +1 @@ -rLRkJ7S4/QchoIochAQdJHAbkX0WGt6ySsO6DLngByc=
\ No newline at end of file +uZJxM8xNPv0xEKR/Bjvh3YvrZ+WhSVbwYiui9Ebxqgs=
\ No newline at end of file diff --git a/tnet/keys/wg-akili-hash.sops.key b/tnet/keys/wg-akili-hash.sops.key index b5cc50d..f15f21f 100644 --- a/tnet/keys/wg-akili-hash.sops.key +++ b/tnet/keys/wg-akili-hash.sops.key @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:yso3Z/v36F3wA5Z0SKjhnzGR18GU1sFhyT4gJ0a1jD0XvOu5te1aGthKnCs=,iv:AyIU4zLgbHPU22nEHCEuTP5MJD1jyWmNKzl8ZYxr9Bs=,tag:gowrN3rJznfRxdh4uMkjAA==,type:str]", + "data": "ENC[AES256_GCM,data:V110Ccs/U6xpiP8PgqADDlpZkRuRRdl5YRFfcKMgpUnMOBd7HBG+eey1nXg=,iv:RtXxF1n4c8kRjz6OwhFIgW8npvrqnzH8TagF18DzxIM=,tag:Pkgwl/+DiEsewbmm9pv4lw==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -8,19 +8,19 @@ "age": [ { "recipient": "age13wv3rp0varlg4nvt3tca48fq8u9q3mc6yfdekjeapcmc7kaq4dysrzcmv3", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFemdKYmZKTXJ3ZWV4M0Yz\nOVZtMTdTTGxrSVNyMXFpUDJmdDg4QjRUVlQwCkx4Tnd2cDNhcmcvaEcxMTMraC9R\nWGNxUnRJYUlVaTFmZlZJUGcvV1hhWE0KLS0tIHorcWlVWVBEZmlGV1IyQklNcnp2\nYXh6anc4dThnRmVOUE1MeExYaW82bXcKOozJqoWwuaBgr4Lgt5swzhOg4bwLpOkf\nBuCE4rhNdjnKX7vmF4xTErMOX8fRZMmHjKcqU4W818biMGezlhV1Hw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwcEVYd0xZYktWWkZGMlFN\nSWxCN00yajJxTW5UaWNCRm5aZW8wVm1TR3hzCnVvTUJqNVFlZDNhTXNpMGdPSWR3\nMGY2QjZEL0VQU09NMXEwQTk3aTVnTEkKLS0tIC9SWHhMVGdzcjBkcFR3SWx5MGxY\ncGE0NmdrQXdwRWZmU2VuVTR1czkvQUEKjlcfHSXRDkCyYGb6GYP2m9phnQ29yXDb\nZfrnhNR1ffQhgX4sxA9LK0EPObbtU3ES1y2qtLnxu9h3f4VoXYAoyQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mvh832crygenu5tu5njtraraet656rzwnawuasjggvs999dc9ueqj9qclw", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4ZFNrMEZlcEttSUkwSU16\nR1Z1cnVEZFFySEFUVWNLS0JWTTJWaEgxcndnCklHVWpnQkQzOUgrUm4xVThRZ0RJ\nQjNjeVJXWlFOSWVRLzJ6WlBwYitwdE0KLS0tIHFpU1ZIeTNwdDhrRlZSTzA2WWZ0\nemJtNVE2Zkx2RGNuTmlkUCtZd0F3SGcKS5hVPEEW0/e+SO4p8C08C03bhuwjNCXl\nKOmVW34/yEexu2cCwUgqFKtc7lB9mxPjL0uLEuMTdpDdb2FiT49gGw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlMStSRVVZUmJqYy90eG9y\neFpRMDVBTGNGbzNoVEkwc1JZUVF0dXczUkYwClZzbkIrc3o3ME5POStiSGtiWk5E\nRlVDRTZpUFA1ZmFHNExKOWxZZE5laTgKLS0tIEdmRFN6YTZwQzAyNnllZzNLRFVi\ndkVMcWVadkI4V0I4eHhENWlJbWNWN28Ks1dEwr4ITIvTzAq2JKyyzGrR44Go+tyB\nFdV4zG4yg+msiyZTr25bf7x6gfBl5ZlsC6/8vGamGTIqE+gwY1TWeQ==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1teasctdpkatekpsa47q58d3ugwyyqcuj5v9udtusk7ca9sfv694sw057a5", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSTTUzQWZOVlNPWmhKd0o4\nWjJFTjY4cXJxbGErRmhrRHdORUgvT2dpK25RCktMTWY0RHByZGVxTlRhUlBwczhM\nNDhpd3k4YXpDVTNmZmY3bndONWU2VzAKLS0tIDlFWHFBekQ5RWpKcGRJUXhNOUw5\nWUNPcEVYamQ3QlZZMkRpdThjR0E1azQKdx/6O8+XpCzCcAGfT1XaEeFP9MBugTps\n7LkSmgt6Ulj+PlnVI99cl5Izu1lNM2F7y+1NxWEI5tRWM/VQ1KIG1Q==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAra0hqZkZ4SFRydEJvSTk0\nc3pvSzU3NitxQ3Z5THVoVCtXSGRUaXdYbXlJCkR2TUpLVHdmV0dNOWNqbEJlRi8z\nb1VjYmh0ZVF1dDVVbFdYMjltQmpwQW8KLS0tIHFBOFd0N0thVGZDSXhkYjVldGJo\nRC9Oc1Z0ZWRNOUN2enNTNnlzZ0ZGUmsKPN9AIJPcByDbpj5pyF0Ju/AuEWakwY2B\nZtfBrIdeY15QqhR14UMMHZx1GKhFHXL8zTiqK2Grba8CJU6QW/GhOA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-06-05T19:47:25Z", - "mac": "ENC[AES256_GCM,data:FKhypHPNj1HnYOEYQONGvVzHT2o4fFORhJsoJZZ+hi/9dnPzSOu6tG8B1KcFqbytyg3lAcBj/CqNKzZaxA4ykI/gqB/Yt6vHYXYPX4GTWYzaq4N+I9NkhHvVmS/r2kYkbyTBNQijcrbd7MQ48WMWNz3gEEzm5ZPMyqI3TJCG348=,iv:CFwsEm4iahyeTxyqyY2F5smzMaK0ZX9vD63vPyQFFeo=,tag:3B26DYLQaK32bGYIDq/dow==,type:str]", + "lastmodified": "2024-06-05T20:37:57Z", + "mac": "ENC[AES256_GCM,data:Ow12TSR6K1N11nZYqd40Ts6lP0W3ouOeegeyYfcFeZbZDYDO4rURAQ1gynax9oRhOaY3PLi9epylCyv78NcRj3kgUwRshQwjivLu39vtyzIcFHcOKavhNWOF9qYQfKqXrda0XG5maEM2Dug5y8XwGcWGb0r77gKGO+qF1Af3iVA=,iv:bNapVzPDOvL9d6wkqTOZ3TQ7upA3yUMkwtdIZYMmaYg=,tag:sAi2AnML8CiWq3flb10Rug==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.7.3" diff --git a/tnet/keys/wg-akili-knot.pub b/tnet/keys/wg-akili-knot.pub index 4c6dff9..f82cdf0 100644 --- a/tnet/keys/wg-akili-knot.pub +++ b/tnet/keys/wg-akili-knot.pub @@ -1 +1 @@ -2p6XvWveJv40TMW5nGvDkz98KGgRLH6w4SbcMVhqqXI=
\ No newline at end of file +uqLqW/p9YNKPis9VHPSDw1SI3gGk82RfB8InUHJJnVU=
\ No newline at end of file diff --git a/tnet/keys/wg-akili-knot.sops.key b/tnet/keys/wg-akili-knot.sops.key index e5a3204..ab70c23 100644 --- a/tnet/keys/wg-akili-knot.sops.key +++ b/tnet/keys/wg-akili-knot.sops.key @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:8Ci5SUCa+eHIx246stwBmY7nPFNxD5VaZHprMuh8+SVDMRvDB6+qrgbiHiU=,iv:HTxWfyDVEvz7RISMI4QT9Xqzo1ju+pv2Re837M4+Q8k=,tag:Q2zP9J4pZp1Ixp12JNF+RA==,type:str]", + "data": "ENC[AES256_GCM,data:cNZ2gyUWrlzaJCwpMSGCNB9HcStR9ofE8aKCN+cfsnD7AohyI7Vv1jDORhY=,iv:OiHlTQyluYLWV7Gd7Gt/mxEgWBZPYGIx/GMtr5ARYtY=,tag:eOpPrbZlWx+LINt1dP6fEA==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -8,19 +8,19 @@ "age": [ { "recipient": "age13wv3rp0varlg4nvt3tca48fq8u9q3mc6yfdekjeapcmc7kaq4dysrzcmv3", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArbE93M0E5NTR6elVoVngv\nczVldHJjZlZaSXp5NHYrOGNaRW51cEk2YWhvClJtNWt0WnE4MXdRNzY5SzBNbWxq\nY2w3VTB1Q3d1Tng1czdFM3Juc3NxV00KLS0tIFFEaEdKUndMRy9RZ1dQUTRUa3Yy\naFVpNWc1TkNZM0FoM3FOMlhuVWVvbjAK+ZfM3N0UqkUHVnOR2GeCgm30W1sPrDfc\n7TmiR+bCTjcQhsEIKPp8/yJRdH9njTb5gefd/TB4B9u8Dtq+JZC5tw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzNjV0TjlsYmlUQnV1Tlll\nUHZ1ZERqcFRUQjN6YStpWjNtTCtFK3NLckZnCm9hbWloVDR6WDE2aklySXJlajZ5\nYUNHL3hEU2QxTXV6SXoyL1RTc1A1WFEKLS0tIDFXQ1AxV0J4c21KMWJBanJ2Z3hP\nQy9pSndpczhlcHFkb0tvdGVUL2ZJK0EKb0maRHgJ3cj4Bmr9nKmoS7LTgEMIzLyE\nh+v9YGkpsCwuhqLStQvgukXalYrsRnswzBbnxmH50GEkx1Kgs9UCbA==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1mvh832crygenu5tu5njtraraet656rzwnawuasjggvs999dc9ueqj9qclw", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHL1FDOUxZWm1iWU54K2xt\nYTYwTHJCM1F1WVZDMDZpaDZ1UGtaeVVqeHlRCnNsTnh2SytiY2RpTVBXZUFGb0VZ\nMk9Sd0hyL1c4eHJMN0paL0xNWklPZTAKLS0tIEY5Zmk5VlcrQWxLYnBFdmt4Nnla\nZ2dJZkVCQjJablVnRWFxNVpyMHBBbVkK+/3vZNUMjTSUzNG2D8ZIZ0ag1L3ybZkw\n5nu3uPFNb0Fu60DCsCl4NJISc4uCXbiGsWVi4jRTSWhTXYPi4gok3g==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzSzJUOGN1cFhVQVVCRlVn\nMXhvaGFLOFV6R1A3N3Y0ZUorQXBLa29hTFR3CnlWQkxHQ3lNU1YvZmh4TVRoTHdD\ncmZnaVFKUUNEeUplcEZmeDFHb3NGQXMKLS0tIGk4b0JybmtSRmdUdTUxSU5QdDFu\nWnRMWGw5WUdWWGtLeTlPc2w1dUZZRUEKOHSD0VXSlJWNMKPuz2kK0T4LZHaLyse+\ngg/iiABrkwqSTce0ZnmzTZmRozoaw4j8R17ItJJ/Va0/DphC/sTB4A==\n-----END AGE ENCRYPTED FILE-----\n" }, { "recipient": "age1teasctdpkatekpsa47q58d3ugwyyqcuj5v9udtusk7ca9sfv694sw057a5", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRYmdSS29SVzdGdXdhZGE2\nSmZDUjRGMXNzbUUwYkRoQUt0Q0dFNlY3dWxBCkw0YXFOdDVqalRMM3hOT3ltOEda\ncjBORWhmUHlzNWVjb2lGNEVhUHAxMk0KLS0tIFVzbkRUZGdwNWhseWxGSHVyT2pr\nNEMxcXBZeWRLQVVrdFFleGtkL2hPR0kKRsqgjfcy2FL7zhQM4oiIniObXWnzjVb3\nTLoxsRQ+XNJ++Up3ksu2sskWvl2THswAS3PvqWnhFHdR1P+J4mbdqw==\n-----END AGE ENCRYPTED FILE-----\n" + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKVUZ0SHZhUUViMkoyV1hF\nN1R6UDhIbGJFa2NXcTg4cGdad2p4dnlTODNjCkN5N2lmWWNhU2UveGd6NSs5YTJF\nWW5UT1E0NG93emw2Ry84bVlhU1A0WWMKLS0tIDJma2txSUE1QStOaVVmNXR0WTg2\nK2NCZm9YQ1ZuNlU3bzJkWitpMjg0aTAK20zIf831MYEanBh/m2lD0lzXgnnT167J\nmu8XWlEMhQx7kPP8xeXK5fm/83roiSQkSFOBc2mJPb1V6Qab12UyLg==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-06-05T19:47:27Z", - "mac": "ENC[AES256_GCM,data:GHmrc3hb9lZMeQO4Duf1p+g2J8c6EV+a3YuN+oi20oZrQSh3JwFFdjrp6rKOQQvSeajaR3zr26/6rWu+t6B/tS5iGauBTImxKordjKfW60JoPgjJ4lpCjEiaBp6ptO6cfIvvIvlJWyehmTw2CWeBaVc1/GofW8xFzMu1osfP6Mg=,iv:YPKC1geNi1q05UpY52Uzm1A5tgKXDmmY8OWUWQU2HNA=,tag:1O7D94LU0ZsH5Qg2FvP1Yg==,type:str]", + "lastmodified": "2024-06-05T20:37:59Z", + "mac": "ENC[AES256_GCM,data:bx9NrGS5lqRfX6KcWRLGk+zGAsbEXa3UBsTmAXLzyrhucpVsjYY/FwsBQIaumYf9M9gXTxyxN5uJt6b7dw3T/wcd0FwRSCh6RCXaHTHIrAmSdRRXNsTvqkSldDfqwoV19l+Ac2xjEMP8Px5bDlKfkWn7dAClq86RiS8lEIss27M=,iv:uNKp2qaAWYk7eRkSbZ9Y6YmuYVOZxH1Ss45KDVAu1Mc=,tag:t3tm52skvtTQHfwkCKnGlQ==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.7.3" diff --git a/tnet/keys/wg-hash-akili.pub b/tnet/keys/wg-hash-akili.pub new file mode 100644 index 0000000..4079fee --- /dev/null +++ b/tnet/keys/wg-hash-akili.pub @@ -0,0 +1 @@ +Oa9mD1qPdy6gCilUqmJt6te4Hijr5WxxkVvOP/wgax8=
\ No newline at end of file diff --git a/tnet/keys/wg-hash-akili.sops.key b/tnet/keys/wg-hash-akili.sops.key new file mode 100644 index 0000000..551867e --- /dev/null +++ b/tnet/keys/wg-hash-akili.sops.key @@ -0,0 +1,28 @@ +{ + "data": "ENC[AES256_GCM,data:EhG7qFeYIUWj0G1FSaQHM3MIpbEBAm0H5N/3/40WkIFrkm1Haw/gwkPYHfY=,iv:xZzNX4pVmVyAhgDqYjsaE1yB9CBC8ZyO0HWYEBrO96M=,tag:LB4kYpDKHUwjVSK7et73pw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age13wv3rp0varlg4nvt3tca48fq8u9q3mc6yfdekjeapcmc7kaq4dysrzcmv3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyelloN2U4cmxBRDNiK1My\nUm1LSGdvck9FK21uYXNGNUhrZ0NmQ1YvRHhZCnQwTWpWNzBLLzdYMU1nZnJXQTVo\nL204RUh5R1N5aWp0OU9GTGVZTG5QUkUKLS0tIHAvb0Q3WUt6czRuR21kQnU2bEt4\ncXExRXVpSlYrMHZiaG5FdzdyQnNlTVEK+vnwouWjW4cEAfLJSE/R511y1PB+dbVW\nc+AEeYHmkq2mJww6ZOy0vdbZip2K4PUgQes+Nfqj6CCC8dw/3/vHog==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1mvh832crygenu5tu5njtraraet656rzwnawuasjggvs999dc9ueqj9qclw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1Wm9wUDRuR3QyMmJ1aXR0\nSmVOSTA3MnpiVkRuanJUNTVWNFhRY2hTQ1NjCkh6Q1laenljQnhCTGlFZm9Vb2RL\nYXNURTkzeXlXRzVOcmNrV3BtMkR0R1UKLS0tIEpkKzdzdjFoYzRJRy9VazFPNmow\nNjRkT2xlcVdZZmZ4ekdaaHRuSHJBUHMK1tiwjUIJ8udRdXRoMIeYhA7PxvE0W1HK\n247FWlIv8h3G1X+9q66O5JQheQPSSv1e3XeR3Cj1tQ4d78FkGtCLjw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1teasctdpkatekpsa47q58d3ugwyyqcuj5v9udtusk7ca9sfv694sw057a5", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1Yms4bmcxaExzWThhN1FL\ncStCc0dRK3NyRXV3ck5KTllQVTF0QXdEa3pRCjV3MEozWkRjT21CS1Z0RG1rNUMy\nUlpiRUJ5ai8wbEZGUEpueTVvYklPSW8KLS0tIGVMNnpuWWp0bks3OEFHOEk3M1Y2\nbnFGd0duUHYzUVlGZnIrTGNGVnArMDQKVtlC1EJLnpaEBGFj74YgFfJabX7fYPU6\nMepy31bqarzH+DDpPpzlUb+3FvrD8zBT70R7XYAOJSJ5p0WqcZ23+A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-06-05T20:38:00Z", + "mac": "ENC[AES256_GCM,data:9zvcm8W5NSEswBe9ulq0z12VaiRBX6+Z3gruHaOf637PNh3TicjRTQEp+Kifi+fWPQc/HnuLtu4vB1dtWvIBXu0BdnDh580ap5AU9AJD30Dhb1f00gj772j3K/koBdkjapnr7EYNe3QcqltFmrPIqutUA26UHOZxy2Pw2nzdCHo=,iv:xrHHE2pIACxMX9U+ZvJPoD980z5RQE8F/Ab27/iIbFs=,tag:2LvZZ/xK16IKr9FPwhqRug==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +}
\ No newline at end of file diff --git a/tnet/keys/wg-knot-akili.pub b/tnet/keys/wg-knot-akili.pub new file mode 100644 index 0000000..883226b --- /dev/null +++ b/tnet/keys/wg-knot-akili.pub @@ -0,0 +1 @@ +1HVM+oZOB23MszWwpxFSJasFiaKPDJxTK/HC2MGvtHo=
\ No newline at end of file diff --git a/tnet/keys/wg-knot-akili.sops.key b/tnet/keys/wg-knot-akili.sops.key new file mode 100644 index 0000000..132546a --- /dev/null +++ b/tnet/keys/wg-knot-akili.sops.key @@ -0,0 +1,28 @@ +{ + "data": "ENC[AES256_GCM,data:DCuYkK/UwFVDELXIiW/oe7iQmdM04w+LGvLp/T8Tw+u23lvbHmqi7FadMlo=,iv:gbAmJsCgKu1DbusG8yDakXWeb/RwGxwNZewa2TgVXSc=,tag:Q7dWAJbwwzyqPkP5cf5UUw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age13wv3rp0varlg4nvt3tca48fq8u9q3mc6yfdekjeapcmc7kaq4dysrzcmv3", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDL2ZmU1haSjRvbVgzYTh5\nM1JZMVhCSjVTZW5aY29FNHZCUVpPMTU5Vmp3CkUya2k5Nk9jTmVNY0JQcHNWZHZX\neVBUeFJWa0dRYWRsS1VsTWEwQmNzcjAKLS0tIHc2Y2R5UFMrdmpXSTU3OC9xamtG\nWEpLWi91Zy8zRmdQUTFBN1plTWpIQlkKT8mxUZd7BokAmWzB5CfaRquW307Zj+52\nkYD75YSq5WBvMkj0QGGkklyFM7syH9WBA9+J2t0XKPilz4OUEizAnQ==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1mvh832crygenu5tu5njtraraet656rzwnawuasjggvs999dc9ueqj9qclw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5aFd5cnRqN3hYRDc0Zi80\nUHM4L2F0NFMvN3ZISjc1b0JtSUhlTE01SG1BCjZ3djV0UFBpVWQ3em1memQ0anUy\nZS9sU05zalVIV3Q1M2dtY3FodHZ3SVEKLS0tIGFBSDV2eG9XOStYVGdRUk1SeWI0\nMEJkR3dEbUV6TEtHd3I3MlJTbEc0SVEKFb764pOkVIyPdzVYTVNnfBb24OyxSzlV\n+D/gZnSlZHIEqKGhNr2nqjN8d/T4hDVPLL5nEP11UW+JZWSGe+W22g==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age1teasctdpkatekpsa47q58d3ugwyyqcuj5v9udtusk7ca9sfv694sw057a5", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5VEY2Ykh6Z1BacTY3OWlO\nZDBEd090OWZFU2swMHNlOHVGQkNvV3Uxa2pNCk5vT1pEb2RrREgrUXFZQnJIZ3pi\nZSs3RzVjL2R5VDZkM0w0TEs1dHp1NHcKLS0tIEtFVVdqNm9tK2wrb1JHbGMyNGJT\nZFFOeUlobVVZaUNvY0xERllxL1hSSzAKvas55nnIeJrw2lQGrRXXWjF4XmCY2eKP\nYlisBF46n7DBIWg5UHlpYd+2Wl+VJ837JacuLm/GxEWOBm82B9/w4A==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-06-05T20:38:02Z", + "mac": "ENC[AES256_GCM,data:kflt/laP/0Q6iXqKe8pVBNdZxXH2SNFLsSLHHqhFpvdUlJIJDnC2v34HV74l1yWxjgOP2Vamaj7Pi8mx4/S8OrwcWfOBrGDRFpv8GBv6usT8VbzWGj281IQWy+8Zl0QMiCC2KhZbo6+R2V7CXg5PLSbDLhyPCeYKiG+HgfRVjy0=,iv:pVSrFsIjOSeMLOrYzsA2ry80gG85cfUrtTDjje6Iri8=,tag:+xE1NU5tWh60/jF1df/87Q==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.7.3" + } +}
\ No newline at end of file diff --git a/tnet/wg-links-link.yml b/tnet/wg-links-link.yml index 4b8729f..aaaf01f 100644 --- a/tnet/wg-links-link.yml +++ b/tnet/wg-links-link.yml @@ -1,5 +1,5 @@ - name: "Make netdev for {{ inventory_hostname }} -> {{ item.key }}" -# notify: systemctl restart systemd-networkd + notify: systemctl restart systemd-networkd become: yes copy: dest: "/etc/systemd/network/50-tnet-{{ item.key }}.netdev" @@ -21,13 +21,13 @@ [WireGuardPeer] PublicKey={{ lookup('file', 'keys/wg-{{ item.key }}-{{ inventory_hostname }}.pub') }} AllowedIPs=::/0 - {% if item.value.remote is defined %} - Endpoint={{ item.value.remote }} + {% if item.value.endpoint is defined %} + Endpoint={{ item.value.endpoint }} PersistentKeepalive=60 {% endif %} - name: "Make network for {{ inventory_hostname }} -> {{ item.key }}" -# notify: systemctl restart systemd-networkd + notify: systemctl restart systemd-networkd become: yes copy: dest: "/etc/systemd/network/50-tnet-{{ item.key }}.network" diff --git a/tnet/wg-links.yml b/tnet/wg-links.yml index 8c8b83f..7ed723f 100644 --- a/tnet/wg-links.yml +++ b/tnet/wg-links.yml @@ -3,9 +3,10 @@ tasks: - loop: "{{ tnet_links|default([])|dict2items }}" include_tasks: wg-links-link.yml - -#- name: systemctl restart systemd-networkd -# become: yes -# systemd: -# name: systemd-networkd -# state: restarted + handlers: + # Has to be restart for now, hash doesn't support reloading networkd + - name: systemctl restart systemd-networkd + become: yes + systemd: + name: systemd-networkd + state: restarted |