From a895214d8fe4b515fbef15a7f919c5177543ac56 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sat, 29 Feb 2020 03:29:26 +0100
Subject: wireguard gateway works now (it is quite ugly though)

---
 inventory/host_vars/ele-media.yml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'inventory/host_vars/ele-media.yml')

diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml
index a0a388e9..ea298088 100644
--- a/inventory/host_vars/ele-media.yml
+++ b/inventory/host_vars/ele-media.yml
@@ -12,7 +12,7 @@ network:
     mask: "{{ network_zones.lan.prefix | ipaddr('netmask') }}"
     gateway: "{{ network_zones.lan.gateway }}"
 
-network_setup: r3-with-lan # elevate-festival
+network_setup: elevate-festival
 
 
 dyndns:
@@ -72,3 +72,18 @@ wireguard_keys:
   gwhetzner:
     pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
     priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"
+
+wireguard_gateway_tunnels:
+  wg-gwhetzner:
+    priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
+    addresses:
+    - 192.168.254.2/30
+    default_gateway:
+      outer: 178.63.180.138
+      inner: 192.168.254.1
+    peers:
+    - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
+      endpoint: 178.63.180.138:51820 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
+      keepalive_interval: 15
+      allowed_ips:
+      - 0.0.0.0/0
-- 
cgit v1.2.3