home.router: add c3voc vpn
This commit is contained in:
parent
8a1a1bd8fd
commit
b80c0b12fe
GPG key ID:
12E3D2136B818350
2 changed files with 10 additions and 0 deletions
|
|
@ -17,5 +17,6 @@ for config in node.metadata.get('openvpn-client', {}).get('configs', set()):
|
||||||
svc_systemd[f'openvpn-client@{config}'] = {
|
svc_systemd[f'openvpn-client@{config}'] = {
|
||||||
'needs': {
|
'needs': {
|
||||||
f'file:/etc/openvpn/client/{config}.conf',
|
f'file:/etc/openvpn/client/{config}.conf',
|
||||||
|
'pkg_apt:openvpn',
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,7 @@ nodes['home.router'] = {
|
||||||
'iptables',
|
'iptables',
|
||||||
'netdata',
|
'netdata',
|
||||||
'nginx',
|
'nginx',
|
||||||
|
'openvpn-client',
|
||||||
'pppd',
|
'pppd',
|
||||||
'radvd',
|
'radvd',
|
||||||
'vnstat',
|
'vnstat',
|
||||||
|
|
@ -71,6 +72,9 @@ nodes['home.router'] = {
|
||||||
# External port 2022 should be home.nas
|
# External port 2022 should be home.nas
|
||||||
'iptables -t nat -A PREROUTING -p tcp --dport 2022 -j DNAT --to 172.19.138.20:22',
|
'iptables -t nat -A PREROUTING -p tcp --dport 2022 -j DNAT --to 172.19.138.20:22',
|
||||||
'iptables -A FORWARD -p tcp -d 172.19.138.20 --dport 22 -j ACCEPT',
|
'iptables -A FORWARD -p tcp -d 172.19.138.20 --dport 22 -j ACCEPT',
|
||||||
|
|
||||||
|
# use MASQUERADE for tun0 (c3voc)
|
||||||
|
'iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE',
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
'nameservers': atomic({
|
'nameservers': atomic({
|
||||||
|
|
@ -87,6 +91,11 @@ nodes['home.router'] = {
|
||||||
'enp1s0.42',
|
'enp1s0.42',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
'openvpn-client': {
|
||||||
|
'configs': {
|
||||||
|
'c3voc',
|
||||||
|
},
|
||||||
|
},
|
||||||
'radvd': {
|
'radvd': {
|
||||||
'integrate-with-pppd': True,
|
'integrate-with-pppd': True,
|
||||||
'interfaces': {
|
'interfaces': {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue