From 7ee547e760db3e776ab7ecd676ed4b8afca0f04b Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Sun, 3 Sep 2023 20:15:20 +0200
Subject: lhn
---
 ansible/ansible.cfg | 3 ++-
 ansible/group_vars/all/wireguard_wg0.yml | 6 ++++++
 ansible/inventory | 6 ++++++
 ansible/plays/files/lhnix/etc/wireguard/public-wg0.key | 1 +
 ansible/plays/files/lhnpi/etc/wireguard/public-wg0.key | 1 +
 ansible/roles/wireguard/tasks/main.yml | 14 +++++++-------
 6 files changed, 23 insertions(+), 8 deletions(-)
 create mode 100644 ansible/plays/files/lhnix/etc/wireguard/public-wg0.key
 create mode 100644 ansible/plays/files/lhnpi/etc/wireguard/public-wg0.key
(limited to 'ansible')
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
index 1904149..6da8010 100644
--- a/ansible/ansible.cfg
+++ b/ansible/ansible.cfg
@@ -1,7 +1,8 @@
 [defaults]
 become_method = sudo
 connection_plugins = ./connection_plugins
-inventory = ./inventory,./inventory-terraform
+inventory = ./inventory
+#,./inventory-terraform
 nocows = True
 stdout_callback = debug
 vault_password_file = ./.vault-password
diff --git a/ansible/group_vars/all/wireguard_wg0.yml b/ansible/group_vars/all/wireguard_wg0.yml
index 5d8e450..65d6520 100644
--- a/ansible/group_vars/all/wireguard_wg0.yml
+++ b/ansible/group_vars/all/wireguard_wg0.yml
@@ -44,3 +44,9 @@ wireguard_wg0:
 listen_port: 51821
 peers: all
 ipv6: fdf3:aad9:a885:0b3a::13
+ lhnpi:
+ state: present
+ ipv6: fdf3:aad9:a885:0b3a::14
+ lhnix:
+ state: present
+ ipv6: fdf3:aad9:a885:0b3a::15
diff --git a/ansible/inventory b/ansible/inventory
index 9078262..71b25fa 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -49,6 +49,10 @@ all:
 ansible_host: "fd56:1ae9:097d:3ddd:ecd7:7f0a:79cd:343c"
 conflatorio-test5:
 ansible_host: "fd56:1ae9:097d:3ddd:5375:e67b:7878:310d"
+ lhnpi:
+ ansible_host: 192.168.100.8
+ lhnix:
+ ansible_host: 192.168.100.7
 zh2569.rsync.net:
 ansible_user: zh2569
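Review bot: The `#,./inventory-terraform` line left under `inventory = ./inventory` in the ansible.cfg hunk reads as a stray fragment, and it removes the second inventory source for every run that uses this config without saying why. If the terraform inventory is being retired, delete the fragment; if this is a temporary workaround, replace it with a full comment such as `# inventory-terraform disabled: <reason>`. Hosts that exist only in that source would presumably stop receiving this repository's configuration, including WireGuard peer updates, so the commit message should mention the change.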
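Review bot: The two new `ansible_host` values in the inventory hunk at -49 are unquoted while the neighbouring entries quote theirs; writing `ansible_host: "192.168.100.8"` and `ansible_host: "192.168.100.7"` keeps the file consistent and keeps the values strings regardless of parser. Both are RFC 1918 addresses, so these hosts are presumably reachable only when the controller sits on that LAN. A one-line comment above the entries saying so would help the next operator understand why they fail from elsewhere.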
@@ -165,5 +169,7 @@ all:
 malabaricus:
 sweetzpot-macos:
 sweetzpot-mobile:
+ lhnpi:
+ lhnix:
 # vim: set filetype=yaml:
diff --git a/ansible/plays/files/lhnix/etc/wireguard/public-wg0.key b/ansible/plays/files/lhnix/etc/wireguard/public-wg0.key
new file mode 100644
index 0000000..588621e
--- /dev/null
+++ b/ansible/plays/files/lhnix/etc/wireguard/public-wg0.key
@@ -0,0 +1 @@
+qGGsJvvaZWjyjATnPKq/4rpCseuuqiWnS3qSpTntl04=
diff --git a/ansible/plays/files/lhnpi/etc/wireguard/public-wg0.key b/ansible/plays/files/lhnpi/etc/wireguard/public-wg0.key
new file mode 100644
index 0000000..df1ce0a
--- /dev/null
+++ b/ansible/plays/files/lhnpi/etc/wireguard/public-wg0.key
@@ -0,0 +1 @@
+Flf2BKoYAvE4oZc/+l0sn4GldkI/lKXObrJXdBpvakI=
diff --git a/ansible/roles/wireguard/tasks/main.yml b/ansible/roles/wireguard/tasks/main.yml
index a91aea5..193b549 100644
--- a/ansible/roles/wireguard/tasks/main.yml
+++ b/ansible/roles/wireguard/tasks/main.yml
@@ -3,8 +3,8 @@
 become: yes
 when: wireguard__state == 'present'
 vars:
- wg_net: "{{ hostvars[ansible_hostname][wireguard__name] }}"
- wg_host: "{{ wg_net.hosts[ansible_hostname] }}"
+ wg_net: "{{ hostvars[inventory_hostname][wireguard__name] }}"
+ wg_host: "{{ wg_net.hosts[inventory_hostname] }}"
 all_peers: "{{ wg_host.peers is defined and wg_host.peers == 'all' }}"
 netdev_path: "/etc/systemd/network/60-{{ wg_net.if }}.netdev"
 network_path: "/etc/systemd/network/61-{{ wg_net.if }}.network"
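Review bot: The lookups `hostvars[inventory_hostname][wireguard__name]` and `wg_net.hosts[inventory_hostname]` in this block's `vars:` are unguarded, so a host that runs the role without an entry in the network's `hosts` map would presumably fail with an undefined-variable error deep in a template rather than at a clear check. An `ansible.builtin.assert` as the first task of the block, with `that: inventory_hostname in wg_net.hosts` and a `fail_msg` naming the host and network, would make that failure explicit; the same lookups recur in the hunks at -104 and -124. Keying on `inventory_hostname` ties address and key selection to the controller's inventory instead of a fact reported by the managed host, so any `ansible_hostname` left in the parts of the role outside these hunks (not visible here) should be switched as well. The block bodies start and end outside the hunks.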
@@ -104,11 +104,11 @@
 Name={{ wg_net.if }}
 [Network]
- {% if wg_net.hosts[ansible_hostname].ipv4 is defined %}
- Address={{ wg_net.hosts[ansible_hostname].ipv4 }}/{{ wg_net.ipv4_prefix }}
+ {% if wg_net.hosts[inventory_hostname].ipv4 is defined %}
+ Address={{ wg_net.hosts[inventory_hostname].ipv4 }}/{{ wg_net.ipv4_prefix }}
 {% endif %}
- {% if wg_net.hosts[ansible_hostname].ipv6 is defined %}
- Address={{ wg_net.hosts[ansible_hostname].ipv6 }}/{{ wg_net.ipv6_prefix }}
+ {% if wg_net.hosts[inventory_hostname].ipv6 is defined %}
+ Address={{ wg_net.hosts[inventory_hostname].ipv6 }}/{{ wg_net.ipv6_prefix }}
 {% endif %}
 {% if wg_net.shared_routes is defined %}
@@ -124,7 +124,7 @@
 become: yes
 when: wireguard__state == 'absent'
 vars:
- wg_net: "{{ hostvars[ansible_hostname][wireguard__name] }}"
+ wg_net: "{{ hostvars[inventory_hostname][wireguard__name] }}"
 netdev_path: "/etc/systemd/network/60-{{ wg_net.if }}.netdev"
 network_path: "/etc/systemd/network/61-{{ wg_net.if }}.network"
 block:
--
cgit v1.2.3