kunsi/bundlewrap
1
0
Fork 0
Code Issues 2 Pull requests 1 Releases Activity

add wireguard connection between htz-cloud.wireguard and kunsi-p14s

Browse source
This commit is contained in:
Franzi 2023-09-24 18:58:03 +02:00
parent a09b5b98ca
commit b9d4204060
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
nodes/htz-cloud/wireguard.py
View file

@ -34,6 +34,7 @@ nodes['htz-cloud.wireguard'] = {
'bird': {
'static_routes': {
'172.19.137.0/24',
'172.19.136.64/31',
},
},
'nftables': {
@ -43,6 +44,9 @@ nodes['htz-cloud.wireguard'] = {
'inet filter forward oif eth0 accept',
'nat postrouting oif eth0 masquerade',
],
'wg_special': [
'inet filter input udp dport 51819 accept',
],
},
},
'vm': {
@ -51,6 +55,15 @@ nodes['htz-cloud.wireguard'] = {
},
'wireguard': {
'snat_ip': '172.19.137.2',
'peers': {
'kunsi-p14s': {
'endpoint': None,
'exclude_from_monitoring': True,
'my_ip': '172.19.136.64',
'my_port': 51819,
'their_ip': '172.19.136.65',
},
},
},
},
}

15
nodes/kunsi-p14s.py
View file

@ -11,6 +11,7 @@ nodes['kunsi-p14s'] = {
'telegraf-battery-usage',
'vmhost',
'voc-tracker-worker',
'wireguard',
'zfs',
},
'groups': {
@ -164,6 +165,20 @@ nodes['kunsi-p14s'] = {
'token': vault.decrypt('encrypt$gAAAAABiYqaFl4CqOc8DTQIn49Qq0KgAJSzA19GKPNMbyHIjYg0JkvY0sK43ps8CbJWMRR6hJHVK-nP4vrWLwyoWWqt8N8aASMur4odC2s8pEHQKM0TXg4cRwobQz_lyJgrYa2VYdhcD'),
'secret': vault.decrypt('encrypt$gAAAAABiYqaYbY-3IbnRk-S25pqxrOGN7ovgPo3kBYz8ZqKDedPRzskKZefpLHxBbCOZKjg1XNT4cKbIs5cPCLdj7HdY4beAhnXl4EHZZdxU1zVC7sJCmz9XOS_Ac0UOgOlUFMiet14U'),
},
'wireguard': {
'peers': {
'htz-cloud.wireguard': {
'auto_connection': False,
'endpoint': 'wireguard.htz-cloud.kunbox.net:51819',
'my_ip': '172.19.136.65',
'my_port': 51819,
'their_ip': '172.19.136.64',
'routes': {
'172.19.128.0/20',
},
},
},
},
'zfs': {
'pools': {
'zroot': {