Diffstat (limited to 'inventory/host_vars')
-rw-r--r-- | inventory/host_vars/ele-gwhetzner.yml | 8 | ||||
-rw-r--r-- | inventory/host_vars/ele-media.yml | 17 |
2 files changed, 24 insertions, 1 deletions
diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml index aeaa936f..f68ff783 100644 --- a/inventory/host_vars/ele-gwhetzner.yml +++ b/inventory/host_vars/ele-gwhetzner.yml @@ -44,6 +44,14 @@ wireguard_gateway_tunnels: priv_key: "{{ wireguard_keys.elemedia.priv }}" addresses: - 192.168.254.1/30 + ip_snat: + interface: "{{ network.primary.interface }}" + to: "{{ network.primary.overlay }}" + port_forwardings: + - dest: "{{ network.primary.overlay }}" + tcp_ports: + 80: 192.168.254.2:80 + 443: 192.168.254.2:443 peers: - pub_key: "{{ hostvars['ele-media'].wireguard_keys.gwhetzner.pub }}" allowed_ips: diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml index a0a388e9..ea298088 100644 --- a/inventory/host_vars/ele-media.yml +++ b/inventory/host_vars/ele-media.yml @@ -12,7 +12,7 @@ network: mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}" gateway: "{{ network_zones.lan.gateway }}" -network_setup: r3-with-lan # elevate-festival +network_setup: elevate-festival dyndns: @@ -72,3 +72,18 @@ wireguard_keys: gwhetzner: pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg=" priv: "{{ vault_wireguard_priv_keys.gwhetzner }}" + +wireguard_gateway_tunnels: + wg-gwhetzner: + priv_key: "{{ wireguard_keys.gwhetzner.priv }}" + addresses: + - 192.168.254.2/30 + default_gateway: + outer: 178.63.180.138 + inner: 192.168.254.1 + peers: + - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}" + endpoint: 178.63.180.138:51820 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}" + keepalive_interval: 15 + allowed_ips: + - 0.0.0.0/0 |
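Review bot: The two forward targets under `tcp_ports` hard-code `192.168.254.2`, the tunnel address that ele-media.yml sets separately in its own `addresses` list, so renumbering the /30 on one side would silently send 80/443 to an address nobody holds. I would quote the values and name the owner in a comment, e.g. `80: "192.168.254.2:80"  # ele-media wg-gwhetzner address`. These forwards make the peer's web ports reachable from outside through this gateway, so a one-line comment above `port_forwardings` should state that the exposure is intentional and limited to 80 and 443. Whether the backend still sees the client source address once `ip_snat` is active is not visible from this hunk and is worth confirming, since logging and rate limiting on the media host depend on it. The tunnel mapping starts before the hunk and continues after it.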
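Review bot: The new `wg-gwhetzner` tunnel in ele-media.yml covers IPv4 only: `allowed_ips` holds just `0.0.0.0/0` and `default_gateway` has only IPv4 addresses, so if this host has IPv6 connectivity that traffic would presumably bypass the gateway. Either add `::/0` with a matching inner address, or add a comment such as `# host is IPv4-only, no ::/0 needed`. Because the gateway side forwards public 80/443 into this tunnel and the peer may source any IPv4 address, the host firewall should treat `wg-gwhetzner` as an external interface; how the role handles that is not visible here. The address `178.63.180.138` is written out in both `outer` and `endpoint`, so until the TODO is resolved, referencing one shared variable from both lines would keep them from drifting apart.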