bundles/wireguard: add netdev and network files, add iptables rules
All checks were successful
bundlewrap/pipeline/head This commit looks good
All checks were successful
bundlewrap/pipeline/head This commit looks good
This commit is contained in:
parent
e2490df48e
commit
58ca3fa9ae
GPG key ID:
12E3D2136B818350
8 changed files with 168 additions and 8 deletions
|
|
@ -11,6 +11,7 @@ nodes['home.router'] = {
|
|||
'dhcpd',
|
||||
'vnstat',
|
||||
'wide-dhcp6c',
|
||||
'wireguard',
|
||||
},
|
||||
'groups': {
|
||||
'debian-buster',
|
||||
|
|
@ -41,9 +42,6 @@ nodes['home.router'] = {
|
|||
# day.
|
||||
'restart_pppd': '23 2 * * * root systemctl restart pppoe',
|
||||
},
|
||||
'icinga_options': {
|
||||
'hostname': 'franzi-home.kunbox.net',
|
||||
},
|
||||
'iptables': {
|
||||
'custom_rules': [
|
||||
# This is a router. Allow forwarding traffic for all internal networks.
|
||||
|
|
@ -133,5 +131,18 @@ nodes['home.router'] = {
|
|||
'enp1s0.42': '1',
|
||||
},
|
||||
},
|
||||
'wireguard': {
|
||||
# TODO autogenerate?
|
||||
'my_ip': '172.19.137.2/32',
|
||||
'subnets': {
|
||||
'172.19.138.0/24',
|
||||
'172.19.139.0/24',
|
||||
},
|
||||
'peers': {
|
||||
'ovh.wireguard': {
|
||||
'do_not_initiate_a_connection_from_your_side': True,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue