2020-08-04 22:17:13 +00:00
|
|
|
---
|
|
|
|
all:
|
|
|
|
hosts:
|
|
|
|
frame1:
|
2020-08-09 01:55:56 +00:00
|
|
|
ansible_host: 192.168.0.11
|
2020-08-04 22:17:13 +00:00
|
|
|
dispatcher:
|
|
|
|
ansible_connection: local
|
2020-08-09 01:55:56 +00:00
|
|
|
dispatchers:
|
|
|
|
hosts:
|
|
|
|
dispatcher:
|
2020-08-04 22:57:48 +00:00
|
|
|
frames:
|
|
|
|
hosts:
|
|
|
|
frame1:
|
2020-08-05 00:55:55 +00:00
|
|
|
vars:
|
2020-08-05 01:37:53 +00:00
|
|
|
frame_timezone: UTC
|
2020-08-05 00:55:55 +00:00
|
|
|
monit_wireguard: true
|
|
|
|
monit_wireguard_ip: 192.168.254.1
|
2020-08-10 23:49:09 +00:00
|
|
|
rtty_server: 192.168.254.1
|
|
|
|
munin_server: 192.168.254.1
|
2020-08-14 00:36:50 +00:00
|
|
|
wireguard_postup:
|
|
|
|
- ip route add 192.168.254.0/24 dev wg0
|
|
|
|
wireguard_postdown:
|
|
|
|
- ip route del 192.168.254.0/24 dev wg0
|
2020-08-04 22:57:48 +00:00
|
|
|
wg:
|
|
|
|
hosts:
|
|
|
|
frame1:
|
|
|
|
wireguard_address: 192.168.254.11/32
|
|
|
|
dispatcher:
|
|
|
|
containerized: true
|
|
|
|
wireguard_containerized: "{{ containerized }}"
|
|
|
|
wireguard_remote_directory: "/opt/wireguard"
|
|
|
|
wireguard_address: 192.168.254.1/32
|
|
|
|
wireguard_allowed_ips: "192.168.254.0/24"
|
|
|
|
wireguard_postup:
|
|
|
|
- ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
|
|
|
|
- iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
|
|
|
- iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
|
|
|
wireguard_postdown:
|
|
|
|
- ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0
|
|
|
|
- iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
|
|
|
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
|
|
|
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
|
|
|
vars:
|
2020-08-14 00:36:50 +00:00
|
|
|
wireguard_table: "off"
|
2020-08-04 22:57:48 +00:00
|
|
|
wireguard_port: 51821
|
2020-08-09 01:55:56 +00:00
|
|
|
wireguard_endpoint: 192.168.0.2
|
2020-08-04 22:57:48 +00:00
|
|
|
wireguard_persistent_keepalive: 30
|