Diffstat (limited to 'inventory')
-rw-r--r-- | inventory/group_vars/elevate-festival/main.yml | 28 | ||||
-rw-r--r-- | inventory/host_vars/ele-gwhetzner.yml | 22 | ||||
-rw-r--r-- | inventory/host_vars/ele-router.yml | 10 |
3 files changed, 55 insertions, 5 deletions
diff --git a/inventory/group_vars/elevate-festival/main.yml b/inventory/group_vars/elevate-festival/main.yml index 013aef69..30d9ee4a 100644 --- a/inventory/group_vars/elevate-festival/main.yml +++ b/inventory/group_vars/elevate-festival/main.yml @@ -20,11 +20,26 @@ network_zones: datacop: 249 equinox-t450s: 250 ele-laptop: 251 + ele-router: 254 wifi: ssid: "elevate Staff" encryption: "psk2" key: "{{ vault_wifi_keys.lan }}" + emc: + vlan: 20 + prefix: 192.168.20.0/24 + gateway: 192.168.20.254 + dns: + - 192.168.20.254 + dhcp: + start: 1 + limit: 199 + offsets: + equinox-t450s: 250 + ele-laptop: 251 + ele-router: 254 + guest: vlan: 23 prefix: 192.168.23.0/24 @@ -35,6 +50,9 @@ network_zones: start: 1 limit: 250 leasetime: 2h + offsets: + equinox-t450s: 250 + ele-router: 254 wifi: ssid: "elevate Public" encryption: "psk2" @@ -107,6 +125,9 @@ network_zones: mixer: vlan: 48 prefix: 192.168.48.0/24 + gateway: 192.168.48.254 + dns: + - 192.168.48.254 offsets: kuschelbaer: 48 atem-datacop: 90 @@ -121,9 +142,7 @@ network_zones: x32core: 216 datacop: 249 equinox-t450s: 250 - gateway: 192.168.48.254 - dns: - - 192.168.48.254 + ele-router: 254 infoscreens: vlan: 73 @@ -134,6 +153,9 @@ network_zones: dhcp: start: 100 limit: 199 + offsets: + equinox-t450s: 250 + ele-router: 254 wifi: ssid: "elevate Infoscreens" encryption: "psk2" diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml index f68ff783..3575c943 100644 --- a/inventory/host_vars/ele-gwhetzner.yml +++ b/inventory/host_vars/ele-gwhetzner.yml @@ -37,6 +37,9 @@ wireguard_keys: elemedia: pub: "1GdTR5ehIcSVvwdWWsKitRjzcm1gY3Z9ASzJAuN7VH0=" priv: "{{ vault_wireguard_priv_keys.elemedia }}" + emc: + pub: "xgBLLDTRrVxUG0BEr0gNQ6ofkXSRDQR7OXilxCCwtxs=" + priv: "{{ vault_wireguard_priv_keys.elemedia }}" wireguard_gateway_tunnels: wg-elemedia: 
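Review bot: In the guest zone the new static offset `equinox-t450s: 250` appears to fall inside the existing DHCP pool (`start: 1`, `limit: 250`). If these values reach OpenWrt unchanged, where `limit` is a pool size, the pool runs from .1 to .250 and the laptop's fixed address can also be leased to a guest client. Shrinking the pool with `limit: 249`, or moving the offset above the pool, avoids the collision. The infoscreens hunk deserves the same check, since `start: 100` with `limit: 199` would cover both .250 and .254 under that reading. A one-line comment next to each `dhcp:` block stating the resulting address range would make such overlaps easy to spot.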
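Review bot: The new `emc` key pair in `wireguard_keys` takes its private key from `vault_wireguard_priv_keys.elemedia`, the same vault entry the `elemedia` pair directly above it uses, although the two public keys differ. Either the published `emc` public key does not match the private key that `wg-emc` loads through `wireguard_keys.emc.priv`, so the peer's handshake fails, or one private key is deliberately shared by two tunnels, which removes the isolation between them if it leaks. Presumably this is a copy-paste slip and the line should read `priv: "{{ vault_wireguard_priv_keys.emc }}"` (entry name assumed; it has to exist in the vault).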
@@ -52,7 +55,26 @@ wireguard_gateway_tunnels: tcp_ports: 80: 192.168.254.2:80 443: 192.168.254.2:443 + 322: 192.168.254.2:222 peers: - pub_key: "{{ hostvars['ele-media'].wireguard_keys.gwhetzner.pub }}" allowed_ips: - 192.168.254.2/32 + wg-emc: + description: Elevate Media Channel + priv_key: "{{ wireguard_keys.emc.priv }}" + listen_port: 51821 + addresses: + - 192.168.254.5/30 + ip_snat: + interface: "{{ network.primary.interface }}" + to: "{{ network.primary.overlay }}" + port_forwardings: + - dest: "{{ network.primary.overlay }}" + tcp_ports: + 422: 192.168.254.6:222 + peers: + - pub_key: "{{ hostvars['ele-router'].wireguard_keys.gwhetzner.pub }}" + allowed_ips: + - 192.168.254.6/32 + - 192.168.20.0/24 diff --git a/inventory/host_vars/ele-router.yml b/inventory/host_vars/ele-router.yml index 4a552d7f..72cb2b14 100644 --- a/inventory/host_vars/ele-router.yml +++ b/inventory/host_vars/ele-router.yml @@ -1,4 +1,10 @@ --- +wireguard_keys: + gwhetzner: + pub: "fqaKDJbSj6V0H98d78d/lnFLolefgp6zDPH9bN4+zUY=" + priv: "{{ vault_wireguard_priv_keys.gwhetzner }}" + + network_mgmt_zone: "{{ network_zones.mgmt }}" network_internal_zone_names: - lan @@ -12,7 +18,7 @@ openwrt_network_external: options: device: 'switch0' ## for some reason vlan-id 502 does not work. why?? - vlan: '{{ network_zones.forum_a1.vlan }}' + #vlan: '{{ network_zones.forum_a1.vlan }}' vlan: '1' ports: '4 6t' @@ -49,7 +55,7 @@ openwrt_network_external: - name: interface 'wanff' options: ## for some reason vlan-id 502 does not work. why?? - #fname: 'eth0.{{ network_zones.funkfeuer.vlan }}' + #ifname: 'eth0.{{ network_zones.funkfeuer.vlan }}' ifname: 'eth0.2' proto: static ipaddr: "{{ network_zones.funkfeuer.prefix | ipaddr(network_zones.funkfeuer.offsets[inventory_hostname]) | ipaddr('address') }}" |
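Review bot: The added forwards `322: 192.168.254.2:222` and `422: 192.168.254.6:222` publish port 222 of both tunnel peers on `network.primary.overlay`, and nothing in the hunk limits which sources may reach them. If 222 is the hosts' SSH or management port (not stated here), confirm that password logins are disabled and consider restricting the forward to known source addresses, or reaching the hosts through the tunnel only. In `wg-emc` the peer's `allowed_ips` also admits the whole `192.168.20.0/24` zone, so with `ip_snat` every host in that zone can send traffic out through this gateway; a comment saying this is intended would help the next reader. A short comment above each `tcp_ports` entry naming the service behind it is worth adding too.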