add wireguard connection between htz-cloud.wireguard and kunsi-p14s
This commit is contained in:
parent
a09b5b98ca
commit
b9d4204060
GPG key ID:
12E3D2136B818350
2 changed files with 28 additions and 0 deletions
|
|
@ -34,6 +34,7 @@ nodes['htz-cloud.wireguard'] = {
|
||||||
'bird': {
|
'bird': {
|
||||||
'static_routes': {
|
'static_routes': {
|
||||||
'172.19.137.0/24',
|
'172.19.137.0/24',
|
||||||
|
'172.19.136.64/31',
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'nftables': {
|
'nftables': {
|
||||||
|
|
@ -43,6 +44,9 @@ nodes['htz-cloud.wireguard'] = {
|
||||||
'inet filter forward oif eth0 accept',
|
'inet filter forward oif eth0 accept',
|
||||||
'nat postrouting oif eth0 masquerade',
|
'nat postrouting oif eth0 masquerade',
|
||||||
],
|
],
|
||||||
|
'wg_special': [
|
||||||
|
'inet filter input udp dport 51819 accept',
|
||||||
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
'vm': {
|
'vm': {
|
||||||
|
|
@ -51,6 +55,15 @@ nodes['htz-cloud.wireguard'] = {
|
||||||
},
|
},
|
||||||
'wireguard': {
|
'wireguard': {
|
||||||
'snat_ip': '172.19.137.2',
|
'snat_ip': '172.19.137.2',
|
||||||
|
'peers': {
|
||||||
|
'kunsi-p14s': {
|
||||||
|
'endpoint': None,
|
||||||
|
'exclude_from_monitoring': True,
|
||||||
|
'my_ip': '172.19.136.64',
|
||||||
|
'my_port': 51819,
|
||||||
|
'their_ip': '172.19.136.65',
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@ nodes['kunsi-p14s'] = {
|
||||||
'telegraf-battery-usage',
|
'telegraf-battery-usage',
|
||||||
'vmhost',
|
'vmhost',
|
||||||
'voc-tracker-worker',
|
'voc-tracker-worker',
|
||||||
|
'wireguard',
|
||||||
'zfs',
|
'zfs',
|
||||||
},
|
},
|
||||||
'groups': {
|
'groups': {
|
||||||
|
|
@ -164,6 +165,20 @@ nodes['kunsi-p14s'] = {
|
||||||
'token': vault.decrypt('encrypt$gAAAAABiYqaFl4CqOc8DTQIn49Qq0KgAJSzA19GKPNMbyHIjYg0JkvY0sK43ps8CbJWMRR6hJHVK-nP4vrWLwyoWWqt8N8aASMur4odC2s8pEHQKM0TXg4cRwobQz_lyJgrYa2VYdhcD'),
|
'token': vault.decrypt('encrypt$gAAAAABiYqaFl4CqOc8DTQIn49Qq0KgAJSzA19GKPNMbyHIjYg0JkvY0sK43ps8CbJWMRR6hJHVK-nP4vrWLwyoWWqt8N8aASMur4odC2s8pEHQKM0TXg4cRwobQz_lyJgrYa2VYdhcD'),
|
||||||
'secret': vault.decrypt('encrypt$gAAAAABiYqaYbY-3IbnRk-S25pqxrOGN7ovgPo3kBYz8ZqKDedPRzskKZefpLHxBbCOZKjg1XNT4cKbIs5cPCLdj7HdY4beAhnXl4EHZZdxU1zVC7sJCmz9XOS_Ac0UOgOlUFMiet14U'),
|
'secret': vault.decrypt('encrypt$gAAAAABiYqaYbY-3IbnRk-S25pqxrOGN7ovgPo3kBYz8ZqKDedPRzskKZefpLHxBbCOZKjg1XNT4cKbIs5cPCLdj7HdY4beAhnXl4EHZZdxU1zVC7sJCmz9XOS_Ac0UOgOlUFMiet14U'),
|
||||||
},
|
},
|
||||||
|
'wireguard': {
|
||||||
|
'peers': {
|
||||||
|
'htz-cloud.wireguard': {
|
||||||
|
'auto_connection': False,
|
||||||
|
'endpoint': 'wireguard.htz-cloud.kunbox.net:51819',
|
||||||
|
'my_ip': '172.19.136.65',
|
||||||
|
'my_port': 51819,
|
||||||
|
'their_ip': '172.19.136.64',
|
||||||
|
'routes': {
|
||||||
|
'172.19.128.0/20',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
'zfs': {
|
'zfs': {
|
||||||
'pools': {
|
'pools': {
|
||||||
'zroot': {
|
'zroot': {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue