# Template configuration file for VPN nodes that are not in the cluster
# External nodes should be registered in network/vars/main.yml
[Interface]
Address = <INSERT YOUR IP HERE, IT SHOULD MATCH THE ONE IN vars/main.yml>
# Secret value: fill it in only on the rendered copy that lives on the node,
# never in a committed file, and keep that copy readable by its owner only
# (for example mode 0600).
PrivateKey = <INSERT YOUR PRIVKEY HERE, IT SHOULD MATCH THE PUBKEY IN vars/main.yml>
ListenPort = 51820
# Cluster nodes: one [Peer] block per host in the cluster_nodes inventory group
{% for selected_host in groups['cluster_nodes'] %}
[Peer]
PublicKey = {{ hostvars[selected_host].wireguard_pubkey.stdout }}
Endpoint = {{ hostvars[selected_host].public_ip }}:{{ hostvars[selected_host].public_vpn_port }}
AllowedIPs = {{ hostvars[selected_host].vpn_ip }}/32
PersistentKeepalive = 25
{% endfor %}
# External nodes: one [Peer] block per entry of other_vpn_nodes
# TODO: remove your own node's [Peer] entry from the list below
{% for host in other_vpn_nodes %}
[Peer]
PublicKey = {{ host.pubkey }}
Endpoint = {{ host.public_ip }}:{{ host.public_vpn_port }}
AllowedIPs = {{ host.vpn_ip }}/32
PersistentKeepalive = 25
{% endfor %}