bundlewrap/nodes/htz-cloud/wireguard.py

60 lines
1.5 KiB
Python

nodes['htz-cloud.wireguard'] = {
'hostname': '162.55.54.226',
'bundles': {
'bird',
'wireguard',
},
'groups': {
'debian-buster',
},
'metadata': {
'interfaces': {
'eth0': {
'ips': {
'162.55.54.226',
'2a01:4f8:1c1c:884d::1/64'
},
'gateway4': '172.31.1.1',
'gateway6': 'fe80::1'
},
'ens10': {
'ips': {
'172.19.137.2/32',
},
'routes': {
'172.19.137.0/24': {
'via': '172.19.137.1',
},
},
},
},
'backups': {
'exclude_from_backups': True,
},
'bird': {
'static_routes': {
'172.19.137.0/24',
},
},
'nftables': {
'rules': {
'50-router': [
'inet filter forward ct state { related, established } accept',
'inet filter forward oif eth0 accept',
'nat postrouting oif eth0 masquerade',
],
},
},
'vm': {
'cpu': 1,
'ram': 2,
},
'wireguard': {
'snat_ip': '172.19.137.2',
'peers': {
'ovh.wireguard': {},
'icinga2': {},
},
},
},
}