bundlewrap/nodes/htz-cloud/wireguard.py

75 lines
1.9 KiB
Python

nodes['htz-cloud.wireguard'] = {
'hostname': '162.55.54.226',
'bundles': {
'bird',
'wireguard',
},
'groups': {
'debian-bookworm',
},
'metadata': {
'interfaces': {
'eth0': {
'ips': {
'162.55.54.226',
'2a01:4f8:1c1c:884d::1/64'
},
'gateway4': '172.31.1.1',
'gateway6': 'fe80::1'
},
'ens10': {
'ips': {
'172.19.137.2/32',
},
'routes': {
'172.19.137.0/24': {
'via': '172.19.137.1',
},
},
},
},
'backups': {
'exclude_from_backups': True,
},
'bird': {
'static_routes': {
'172.19.137.0/24',
'172.19.136.64/31',
},
},
'nftables': {
'forward': {
'50-router': [
'ct state { related, established } accept',
'oifname eth0 accept',
],
},
'input': {
'50-wireguard': [
'udp dport 1194 accept',
],
},
'postrouting': {
'50-router': [
'oifname eth0 masquerade',
],
},
},
'vm': {
'cpu': 1,
'ram': 2,
},
'wireguard': {
'snat_ip': '172.19.137.2',
'peers': {
'kunsi-p14s': {
'endpoint': None,
'exclude_from_monitoring': True,
'my_ip': '172.19.136.64',
'my_port': 1194,
'their_ip': '172.19.136.65',
},
},
},
},
}