From f7167deadc57482d7665af120bc659d5b566a9aa Mon Sep 17 00:00:00 2001 From: KemoNine Date: Tue, 4 Aug 2020 22:57:48 +0000 Subject: [PATCH] Another attempt to fix inventory --- inventory.example | 65 +++++++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 33 deletions(-) diff --git a/inventory.example b/inventory.example index c59bdd8..fe5e56c 100644 --- a/inventory.example +++ b/inventory.example @@ -5,36 +5,35 @@ all: ansible_host: 10.5.5.177 dispatcher: ansible_connection: local - children: - frames: - hosts: - frame1: - wg: - hosts: - frame1: - wireguard_address: 192.168.254.11/32 - dispatcher: - containerized: true - wireguard_containerized: {{ containerized }} - wireguard_remote_directory: "/opt/wireguard" - wireguard_address: 192.168.254.1/32 - wireguard_allowed_ips: "192.168.254.0/24" - wireguard_table: "off" - wireguard_postup: - - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0 - - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - wireguard_postdown: - - ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0 - - iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - vars: - wireguard_port: 51821 - wireguard_endpoint: 10.5.5.246 - wireguard_persistent_keepalive: 30 +frames: + hosts: + frame1: +wg: + hosts: + frame1: + wireguard_address: 192.168.254.11/32 + dispatcher: + containerized: true + wireguard_containerized: "{{ containerized }}" + wireguard_remote_directory: "/opt/wireguard" + wireguard_address: 192.168.254.1/32 + wireguard_allowed_ips: "192.168.254.0/24" + wireguard_table: "off" + wireguard_postup: + - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0 + - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP + - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP + wireguard_postdown: + - ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0 + - iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP + - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT + - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP + vars: + wireguard_port: 51821 + wireguard_endpoint: 10.5.5.246 + wireguard_persistent_keepalive: 30