From 90a84fc9da23acf2b0d2566021354ae84dce9c46 Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 24 Apr 2021 08:53:20 +0200 Subject: [PATCH] htz-cloud: add wireguard node, add internal network to nodes --- nodes/htz-cloud/luther.py | 11 +++++++++ nodes/htz-cloud/pleroma.py | 11 +++++++++ nodes/htz-cloud/sewfile.py | 11 +++++++++ nodes/htz-cloud/wireguard.py | 47 ++++++++++++++++++++++++++++++++++++ nodes/ovh/wireguard.py | 1 + 5 files changed, 81 insertions(+) create mode 100644 nodes/htz-cloud/wireguard.py diff --git a/nodes/htz-cloud/luther.py b/nodes/htz-cloud/luther.py index a1d0b5b..0812d30 100644 --- a/nodes/htz-cloud/luther.py +++ b/nodes/htz-cloud/luther.py @@ -18,6 +18,17 @@ nodes['htz-cloud.luther'] = { 'gateway4': '172.31.1.1', 'gateway6': 'fe80::1', }, + 'ens10': { + 'ips': { + '172.19.137.4/32', + }, + 'routes': { + # VPN + '172.19.136.0/22': { + 'via': '172.19.137.1', + }, + }, + }, }, 'apt': { 'packages': { diff --git a/nodes/htz-cloud/pleroma.py b/nodes/htz-cloud/pleroma.py index a7473db..2f8ff14 100644 --- a/nodes/htz-cloud/pleroma.py +++ b/nodes/htz-cloud/pleroma.py @@ -18,6 +18,17 @@ nodes['htz-cloud.pleroma'] = { 'gateway4': '172.31.1.1', 'gateway6': 'fe80::1', }, + 'ens10': { + 'ips': { + '172.19.137.5/32', + }, + 'routes': { + # VPN + '172.19.136.0/22': { + 'via': '172.19.137.1', + }, + }, + }, }, 'icinga_options': { 'pretty_name': 'cybert-media.net', diff --git a/nodes/htz-cloud/sewfile.py b/nodes/htz-cloud/sewfile.py index fb23a03..2d6dacb 100644 --- a/nodes/htz-cloud/sewfile.py +++ b/nodes/htz-cloud/sewfile.py @@ -20,6 +20,17 @@ nodes['htz-cloud.sewfile'] = { 'gateway4': '172.31.1.1', 'gateway6': 'fe80::1', }, + 'ens10': { + 'ips': { + '172.19.137.3/32', + }, + 'routes': { + # VPN + '172.19.136.0/22': { + 'via': '172.19.137.1', + }, + }, + }, }, 'backups': { 'paths': { diff --git a/nodes/htz-cloud/wireguard.py b/nodes/htz-cloud/wireguard.py new file mode 100644 index 0000000..54229c6 --- /dev/null +++ b/nodes/htz-cloud/wireguard.py @@ -0,0 +1,47 @@ +nodes['htz-cloud.wireguard'] = { + 'hostname': '162.55.54.226', + 'bundles': { + 'wireguard', + }, + 'groups': { + 'debian-buster', + }, + 'metadata': { + 'interfaces': { + 'eth0': { + 'ips': { + '162.55.54.226', + '2a01:4f8:1c1c:884d::1/64' + }, + 'gateway4': '172.31.1.1', + 'gateway6': 'fe80::1' + }, + 'ens10': { + 'ips': { + '172.19.137.2/32', + }, + 'routes': { + '172.19.137.0/24': { + 'via': '172.19.137.1', + }, + }, + }, + }, + 'backups': { + 'exclude_from_backups': True, + }, + 'vm': { + 'cpu': 1, + 'ram': 2, + }, + 'wireguard': { + 'my_ip': '172.19.136.4/22', + 'peers': { + 'ovh.wireguard': {}, + }, + 'subnets': { + '172.19.137.0/24', + }, + }, + }, +} diff --git a/nodes/ovh/wireguard.py b/nodes/ovh/wireguard.py index 7be4b28..e5d9360 100644 --- a/nodes/ovh/wireguard.py +++ b/nodes/ovh/wireguard.py @@ -28,6 +28,7 @@ nodes['ovh.wireguard'] = { 'peers': { 'ovh.icinga2': {}, 'home.router': {}, + 'htz-cloud.wireguard': {}, 'kunsi-oneplus3': { 'ips': { '172.19.136.100/32',