home.router: add c3voc vpn

2020-12-08 17:45:30 +01:00 · 2020-12-08 17:45:30 +01:00 · b80c0b12fe
commit b80c0b12fe
parent 8a1a1bd8fd
2 changed files with 10 additions and 0 deletions
--- a/nodes/home/router.py
+++ b/nodes/home/router.py
@ -7,6 +7,7 @@ nodes['home.router'] = {
        'iptables',
        'netdata',
        'nginx',
+        'openvpn-client',
        'pppd',
        'radvd',
        'vnstat',
@ -71,6 +72,9 @@ nodes['home.router'] = {
                # External port 2022 should be home.nas
                'iptables -t nat -A PREROUTING -p tcp --dport 2022 -j DNAT --to 172.19.138.20:22',
                'iptables -A FORWARD -p tcp -d 172.19.138.20 --dport 22 -j ACCEPT',
+
+                # use MASQUERADE for tun0 (c3voc)
+                'iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE',
            ],
        },
        'nameservers': atomic({
@ -87,6 +91,11 @@ nodes['home.router'] = {
                'enp1s0.42',
            },
        },
+        'openvpn-client': {
+            'configs': {
+                'c3voc',
+            },
+        },
        'radvd': {
            'integrate-with-pppd': True,
            'interfaces': {