Fixup inventory

2020-08-04 22:56:33 +00:00 · 2020-08-04 22:56:33 +00:00 · 0f6997e7ab
parent 170f46786d
commit 0f6997e7ab
1 changed files with 33 additions and 32 deletions
--- a/inventory.example
+++ b/inventory.example
@ -5,35 +5,36 @@ all:
      ansible_host: 10.5.5.177
    dispatcher:
      ansible_connection: local
-frames:
+  children:
-  hosts:
+    frames:
-    frame1:
+      hosts:
-wg:
+        frame1:
-  hosts:
+    wg:
-      frame1:
+      hosts:
-        wireguard_address: 192.168.254.11/32
+          frame1:
-      dispatcher:
+            wireguard_address: 192.168.254.11/32
-        containerized: true
+          dispatcher:
-        wireguard_containerized: {{ containerized }}
+            containerized: true
-        wireguard_remote_directory: "/opt/wireguard"
+            wireguard_containerized: {{ containerized }}
-        wireguard_address: 192.168.254.1/32
+            wireguard_remote_directory: "/opt/wireguard"
-        wireguard_allowed_ips: "192.168.254.0/24"
+            wireguard_address: 192.168.254.1/32
-        wireguard_table: "off"
+            wireguard_allowed_ips: "192.168.254.0/24"
-        wireguard_postup:
+            wireguard_table: "off"
-          - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
+            wireguard_postup:
-          - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
-          - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-          - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
+              - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-          - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
-          - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
+              - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-        wireguard_postdown:
+              - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
-          - ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0
+            wireguard_postdown:
-          - iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0
-          - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-          - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
+              - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-          - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
+              - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
-          - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
+              - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
-  vars:
+              - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
-    wireguard_port: 51821
+      vars:
-    wireguard_endpoint: 10.5.5.246
+        wireguard_port: 51821
-    wireguard_persistent_keepalive: 30
+        wireguard_endpoint: 10.5.5.246
        wireguard_persistent_keepalive: 30