piframe/ansible/inventory

36 lines
1.6 KiB
Plaintext
Raw Normal View History

2020-08-04 05:37:36 +00:00
---
2020-08-04 18:58:38 +00:00
all:
hosts:
frame1:
ansible_host: 10.5.5.177
dispatcher:
ansible_connection: local
2020-08-04 05:37:36 +00:00
wg:
hosts:
frame1:
wireguard_address: 192.168.254.11/32
2020-08-04 18:58:38 +00:00
dispatcher:
wireguard_containerized: true
2020-08-04 20:56:28 +00:00
wireguard_remote_directory: "/opt/wireguard"
2020-08-04 05:37:36 +00:00
wireguard_address: 192.168.254.1/32
2020-08-04 20:56:28 +00:00
wireguard_allowed_ips: "192.168.254.0/24"
wireguard_table: "off"
2020-08-04 05:37:36 +00:00
wireguard_postup:
- ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
- iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
- iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
wireguard_postdown:
- ip route del 192.168.254.0/24 via 192.168.254.1 dev wg0
- iptables -D -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -D -A FORWARD -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
vars:
2020-08-04 20:56:28 +00:00
wireguard_port: 51821
wireguard_endpoint: 10.5.5.246
2020-08-04 05:37:36 +00:00
wireguard_persistent_keepalive: 30