Update ansible stuff

This commit is contained in:
KemoNine 2020-08-04 20:56:28 +00:00
parent 37392a256e
commit 1f503db3ca
7 changed files with 7 additions and 9 deletions

View file

@ -3,4 +3,4 @@
# https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-wireguard/ # https://www.tauceti.blog/post/kubernetes-the-not-so-hard-way-with-ansible-wireguard/
# https://github.com/githubixx/ansible-role-wireguard # https://github.com/githubixx/ansible-role-wireguard
ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory-wireguard ./playbooks/wireguard.yml ansible-playbook -u ansible --private-key /opt/ansible/ssh.key -i inventory ./wireguard.yml

View file

@ -11,9 +11,10 @@ wg:
wireguard_address: 192.168.254.11/32 wireguard_address: 192.168.254.11/32
dispatcher: dispatcher:
wireguard_containerized: true wireguard_containerized: true
wireguard_remote_directory: "/opt/wireguard"
wireguard_address: 192.168.254.1/32 wireguard_address: 192.168.254.1/32
wireguard_endpoint: "" wireguard_allowed_ips: "192.168.254.0/24"
wireguard_table: "Off" wireguard_table: "off"
wireguard_postup: wireguard_postup:
- ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0 - ip route add 192.168.254.0/24 via 192.168.254.1 dev wg0
- iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - iptables -t nat -A PREROUTING -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
@ -29,6 +30,6 @@ wg:
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 192.168.254.0/24 -j ACCEPT
- iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP - iptables -D -A INPUT -i wg0 -s 192.168.254.0/24 -d 0.0.0.0/0 -j DROP
vars: vars:
wireguard_allowed_ips: "192.168.254.0/24" wireguard_port: 51821
wireguard_endpoint: 10.5.5.246:51821 wireguard_endpoint: 10.5.5.246
wireguard_persistent_keepalive: 30 wireguard_persistent_keepalive: 30

View file

@ -1,3 +0,0 @@
# Playbooks
Various Ansible playbooks that are used to deploy software and config to PiFrames.

View file

@ -1,4 +1,4 @@
#!/bin/bash #!/bin/bash
ssh $2@$1 'echo Just ensuring the ssh key is accepted ahead of configuration' ssh $2@$1 'echo Just ensuring the ssh key is accepted ahead of configuration'
ansible-playbook ./playbooks/ansible-setup.yml -i $1, -u $2 -k ansible-playbook ./setup-ansible.yml -i $1, -u $2 -k