From a895214d8fe4b515fbef15a7f919c5177543ac56 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sat, 29 Feb 2020 03:29:26 +0100
Subject: wireguard gateway works now (it is quite ugly though)

---
 inventory/host_vars/ele-gwhetzner.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'inventory/host_vars/ele-gwhetzner.yml')

diff --git a/inventory/host_vars/ele-gwhetzner.yml b/inventory/host_vars/ele-gwhetzner.yml
index aeaa936f..f68ff783 100644
--- a/inventory/host_vars/ele-gwhetzner.yml
+++ b/inventory/host_vars/ele-gwhetzner.yml
@@ -44,6 +44,14 @@ wireguard_gateway_tunnels:
     priv_key: "{{ wireguard_keys.elemedia.priv }}"
     addresses:
     - 192.168.254.1/30
+    ip_snat:
+      interface: "{{ network.primary.interface }}"
+      to: "{{ network.primary.overlay }}"
+    port_forwardings:
+    - dest: "{{ network.primary.overlay }}"
+      tcp_ports:
+        80: 192.168.254.2:80
+        443: 192.168.254.2:443
     peers:
     - pub_key: "{{ hostvars['ele-media'].wireguard_keys.gwhetzner.pub }}"
       allowed_ips:
-- 
cgit v1.2.3