From bff77c7fb34e9ba0ae1f42ba920ff09f9faca30d Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Sun, 30 Jan 2022 16:05:53 +0100
Subject: wireguard/gateway: switch to nftables
---
 inventory/host_vars/ele-media.yml | 46 +++++++++++++++++++--------------------
 1 file changed, 23 insertions(+), 23 deletions(-)
(limited to 'inventory/host_vars/ele-media.yml')
diff --git a/inventory/host_vars/ele-media.yml b/inventory/host_vars/ele-media.yml
index e4239ed1..a0a203ba 100644
--- a/inventory/host_vars/ele-media.yml
+++ b/inventory/host_vars/ele-media.yml
@@ -64,6 +64,29 @@ zfs_pools:
 create_vdevs: raidz /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N2AYHY8E /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4ND0PVLUE /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N6PJ1CSJ /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-WCC4N3YN09NC
+wireguard_keys:
+ gwhetzner:
+ pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
+ priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"
+
+wireguard_gateway_tunnels:
+ wg-gwhetzner:
+ priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
+ addresses:
+ - 192.168.254.2/30
+ default_gateway:
+ outer: 178.63.180.138
+ inner: 192.168.254.1
+ peers:
+ - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
+ endpoint:
+ host: 178.63.180.138 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
+ port: 51820
+ keepalive_interval: 15
+ allowed_ips:
+ - 0.0.0.0/0
+
+
 # dyndns:
 # server: ch-pan
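Review bot: The gateway address `178.63.180.138` is written out twice in `wg-gwhetzner`, once as `default_gateway.outer` and once as the peer's `endpoint.host`, and the TODO on the second shows that the intended `hostvars` lookup is not working yet. Because `allowed_ips` is `0.0.0.0/0`, the two values presumably have to stay identical so that the route to the endpoint bypasses the tunnel (the role that consumes them is not visible here), so a later edit to only one of them could break or misroute the link. Until the variable is fixed, defining the address once with an anchor keeps both in sync: `outer: &gwhetzner_outer 178.63.180.138` and `host: *gwhetzner_outer`. Separately, `allowed_ips` lists only IPv4, so if this host has IPv6 connectivity that traffic would stay outside the tunnel; if that is intended, a comment such as `# IPv4 only: IPv6 is not routed via wg-gwhetzner` would make it explicit.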
@@ -97,26 +120,3 @@ zfs_pools:
 # lv: ncdata
 # size: 150G
 # fs: ext4
-
-
-# wireguard_keys:
-# gwhetzner:
-# pub: "YO78lnFJdlGnKxBrtVZF4QXF7bpF8rAP7yF97klWLzg="
-# priv: "{{ vault_wireguard_priv_keys.gwhetzner }}"
-
-# wireguard_gateway_tunnels:
-# wg-gwhetzner:
-# priv_key: "{{ wireguard_keys.gwhetzner.priv }}"
-# addresses:
-# - 192.168.254.2/30
-# default_gateway:
-# outer: 178.63.180.138
-# inner: 192.168.254.1
-# peers:
-# - pub_key: "{{ hostvars['ele-gwhetzner'].wireguard_keys.elemedia.pub }}"
-# endpoint:
-# host: 178.63.180.138 # TODO: fix this variable "{{ hostvars['ele-gwhetzner'].external_ip }}"
-# port: 51820
-# keepalive_interval: 15
-# allowed_ips:
-# - 0.0.0.0/0
-- 
cgit v1.2.3