Update ansible stuff
This commit is contained in:
parent
37392a256e
commit
1f503db3ca
|
@ -3,4 +3,4 @@
|
||||||
# https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-wireguard/
|
# https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-wireguard/
|
||||||
# https://github.com/githubixx/ansible-role-wireguard
|
# https://github.com/githubixx/ansible-role-wireguard
|
||||||
|
|
||||||
ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory-wireguard ./playbooks/wireguard.yml
|
ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory ./wireguard.yml
|
||||||
|
|
|
@ -11,9 +11,10 @@ wg:
|
||||||
wireguard_address: 192.168.254.11/32
|
wireguard_address: 192.168.254.11/32
|
||||||
dispatcher:
|
dispatcher:
|
||||||
wireguard_containerized: true
|
wireguard_containerized: true
|
||||||
|
wireguard_remote_directory: "/opt/wireguard"
|
||||||
wireguard_address: 192.168.254.1/32
|
wireguard_address: 192.168.254.1/32
|
||||||
wireguard_endpoint: ""
|
wireguard_allowed_ips: "192.168.254.0/24"
|
||||||
wireguard_table: "Off"
|
wireguard_table: "off"
|
||||||
wireguard_postup:
|
wireguard_postup:
|
||||||
- ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
|
- ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
|
||||||
- iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
- iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
||||||
|
@ -29,6 +30,6 @@ wg:
|
||||||
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
|
||||||
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
|
||||||
vars:
|
vars:
|
||||||
wireguard_allowed_ips: "192.168.254.0/24"
|
wireguard_port: 51821
|
||||||
wireguard_endpoint: 10.5.5.246:51821
|
wireguard_endpoint: 10.5.5.246
|
||||||
wireguard_persistent_keepalive: 30
|
wireguard_persistent_keepalive: 30
|
||||||
|
|
|
@ -1,3 +0,0 @@
|
||||||
# Playbooks
|
|
||||||
|
|
||||||
Various Ansible playbooks that are used to deploy software and config to PiFrames.
|
|
|
@ -1,4 +1,4 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
ssh $2@$1 'echo Just ensuring the ssh key is accepted ahead of configuration'
|
ssh $2@$1 'echo Just ensuring the ssh key is accepted ahead of configuration'
|
||||||
ansible-playbook ./playbooks/ansible-setup.yml -i $1, -u $2 -k
|
ansible-playbook ./setup-ansible.yml -i $1, -u $2 -k
|
||||||
|
|
Loading…
Reference in a new issue