From 1f503db3ca0cbfb35af912bdcc2b52f866897cff Mon Sep 17 00:00:00 2001 From: KemoNine Date: Tue, 4 Aug 2020 20:56:28 +0000 Subject: [PATCH] Update ansible stuff --- ansible/deploy-wireguard.sh | 2 +- ansible/inventory | 9 +++++---- ansible/playbooks/README.md | 3 --- ansible/setup-ansible-host.sh | 2 +- ansible/{playbooks => }/setup-ansible.yml | 0 ansible/{playbooks => }/update-software.yml | 0 ansible/{playbooks => }/wireguard.yml | 0 7 files changed, 7 insertions(+), 9 deletions(-) delete mode 100644 ansible/playbooks/README.md rename ansible/{playbooks => }/setup-ansible.yml (100%) rename ansible/{playbooks => }/update-software.yml (100%) rename ansible/{playbooks => }/wireguard.yml (100%) diff --git a/ansible/deploy-wireguard.sh b/ansible/deploy-wireguard.sh index eeb2a14..40a7a3a 100644 --- a/ansible/deploy-wireguard.sh +++ b/ansible/deploy-wireguard.sh @@ -3,4 +3,4 @@ # https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-wireguard/ # https://github.com/githubixx/ansible-role-wireguard -ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory-wireguard ./playbooks/wireguard.yml +ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory ./wireguard.yml diff --git a/ansible/inventory b/ansible/inventory index 1e4fa4d..e4999b3 100644 --- a/ansible/inventory +++ b/ansible/inventory @@ -11,9 +11,10 @@ wg: wireguard_address: 192.168.254.11/32 dispatcher: wireguard_containerized: true + wireguard_remote_directory: "/opt/wireguard" wireguard_address: 192.168.254.1/32 - wireguard_endpoint: "" - wireguard_table: "Off" + wireguard_allowed_ips: "192.168.254.0/24" + wireguard_table: "off" wireguard_postup: - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0 - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT @@ -29,6 +30,6 @@ wg: - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP vars: - wireguard_allowed_ips: "192.168.254.0/24" - wireguard_endpoint: 10.5.5.246:51821 + wireguard_port: 51821 + wireguard_endpoint: 10.5.5.246 wireguard_persistent_keepalive: 30 diff --git a/ansible/playbooks/README.md b/ansible/playbooks/README.md deleted file mode 100644 index 3fe4ff9..0000000 --- a/ansible/playbooks/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Playbooks - -Various Ansible playbooks that are used to deploy software and config to PiFrames. diff --git a/ansible/setup-ansible-host.sh b/ansible/setup-ansible-host.sh index c04077e..7e8cbbc 100644 --- a/ansible/setup-ansible-host.sh +++ b/ansible/setup-ansible-host.sh @@ -1,4 +1,4 @@ #!/bin/bash ssh $2@$1 'echo Just ensuring the ssh key is accepted ahead of configuration' -ansible-playbook ./playbooks/ansible-setup.yml -i $1, -u $2 -k +ansible-playbook ./setup-ansible.yml -i $1, -u $2 -k diff --git a/ansible/playbooks/setup-ansible.yml b/ansible/setup-ansible.yml similarity index 100% rename from ansible/playbooks/setup-ansible.yml rename to ansible/setup-ansible.yml diff --git a/ansible/playbooks/update-software.yml b/ansible/update-software.yml similarity index 100% rename from ansible/playbooks/update-software.yml rename to ansible/update-software.yml diff --git a/ansible/playbooks/wireguard.yml b/ansible/wireguard.yml similarity index 100% rename from ansible/playbooks/wireguard.yml rename to ansible/wireguard.yml