From a8e84419964d7e86e2edcb48b16360118d7e5f28 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl <trygvis@inamo.no>
Date: Fri, 30 Oct 2020 14:40:03 +0100
Subject: wireguard: Mixed pub/key files. New vs0 keys.

---
 ansible/plays/files/wireguard/vs0/akili.pub    |  1 +
 ansible/plays/files/wireguard/vs0/birgitte.pub |  2 +-
 ansible/plays/wireguard-vs0.yml                | 11 +++++------
 ansible/roles/wireguard2/defaults/main.yml     |  4 ++--
 4 files changed, 9 insertions(+), 9 deletions(-)
 create mode 100644 ansible/plays/files/wireguard/vs0/akili.pub

(limited to 'ansible')

diff --git a/ansible/plays/files/wireguard/vs0/akili.pub b/ansible/plays/files/wireguard/vs0/akili.pub
new file mode 100644
index 0000000..a2538f0
--- /dev/null
+++ b/ansible/plays/files/wireguard/vs0/akili.pub
@@ -0,0 +1 @@
+2DB9LXhRUBzhKCN/gEbybDE1Rt1Lc18IOSDsxeCUS2E=
diff --git a/ansible/plays/files/wireguard/vs0/birgitte.pub b/ansible/plays/files/wireguard/vs0/birgitte.pub
index fcc93c3..ea6e08a 100644
--- a/ansible/plays/files/wireguard/vs0/birgitte.pub
+++ b/ansible/plays/files/wireguard/vs0/birgitte.pub
@@ -1 +1 @@
-NBTz38oefUN5Thj7kwcL91fV7HL+xf6iju5/AgR2bC0=
+iQ498LH696x3WXqb6pdqnZQ9XLwPH2BpRVtoKWhbtH4=
diff --git a/ansible/plays/wireguard-vs0.yml b/ansible/plays/wireguard-vs0.yml
index 04eee72..079e373 100644
--- a/ansible/plays/wireguard-vs0.yml
+++ b/ansible/plays/wireguard-vs0.yml
@@ -21,12 +21,12 @@
           network: 10.137.3.0
           prefix: 24
         akili:
-          address: 192.168.137.4/24
-          network: 10.137.4.0
+          address: 192.168.137.104/24
+          network: 10.137.104.0
           prefix: 24
         birgitte:
-          address: 192.168.137.5/24
-          network: 10.137.5.0
+          address: 192.168.137.105/24
+          network: 10.137.105.0
           prefix: 24
 
       wireguard_routers:
@@ -46,6 +46,7 @@
           network: "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"
           state: "{{ 'absent' if ansible_hostname == 'birgitte' else 'present' }}"
 
+      # The peers' public keys are in plays/files/wireguard/vs0
       wireguard_peers:
         vimscore-1:
           endpoint: vimscore-1.vimscore.com
@@ -63,12 +64,10 @@
             - "{{ networks['vimscore-3'].address | ipaddr('address') }}/32"
             - "{{ networks['vimscore-3'].network }}/{{ networks['vimscore-3'].prefix }}"
         akili:
-          public_key: UZc6XKf9ULUbBc4CI01DdCdyuj+lHvc1NQRhGJH/TE4=
           allowed_ips:
             - "{{ networks['akili'].address | ipaddr('address') }}/32"
             - "{{ networks['akili'].network }}/{{ networks['akili'].prefix }}"
         birgitte:
-          public_key: NBTz38oefUN5Thj7kwcL91fV7HL+xf6iju5/AgR2bC0=
           allowed_ips:
             - "{{ networks['birgitte'].address | ipaddr('address') }}/32"
             - "{{ networks['birgitte'].network }}/{{ networks['birgitte'].prefix }}"
diff --git a/ansible/roles/wireguard2/defaults/main.yml b/ansible/roles/wireguard2/defaults/main.yml
index 43bc7c6..3a7766b 100644
--- a/ansible/roles/wireguard2/defaults/main.yml
+++ b/ansible/roles/wireguard2/defaults/main.yml
@@ -10,5 +10,5 @@ file_index: 60
 path_prefix: "/etc/systemd/network/{{ file_index }}"
 netdev_path: "{{ path_prefix }}-{{ wireguard_if}}.netdev"
 network_path: "{{ path_prefix }}-{{ wireguard_if}}.network"
-public_key_path: "{{ path_prefix }}-{{ wireguard_if}}.key"
-private_key_path: "{{ path_prefix }}-{{ wireguard_if}}.pub"
+public_key_path: "{{ path_prefix }}-{{ wireguard_if}}.pub"
+private_key_path: "{{ path_prefix }}-{{ wireguard_if}}.key"
-- 
cgit v1.2.3