Use tinc for private networking

2025-12-25 13:46:59 +01:00 · 2019-04-07 16:26:03 +02:00 · 2019-04-07 16:26:03 +02:00 · 224bdffc8b
commit 224bdffc8b
parent 904167ec30
9 changed files with 29 additions and 41 deletions
--- a/group_vars/all/vars
+++ b/group_vars/all/vars
@ -1,39 +0,0 @@
---
-ansible_python_interpreter: /usr/bin/python3
-initial_master: master1
-tinc_primary_router: proxy1
-vpn_interface: tun0
-
-# Kubernetes
-kubernetes_apt_key: https://packages.cloud.google.com/apt/doc/apt-key.gpg
-kubernetes_apt_channel: main
-kubernetes_release: xenial
-kubernetes_version: 1.11.3
-kubernetes_version_apt: "{{kubernetes_version}}-00"
-kubernetes_port: 6443
-
-etcd_version: "3.2.24"
-
-harden_linux_root_password: "{{k8s_scaleway_root_password}}"
-harden_linux_deploy_user: deploy
-harden_linux_deploy_user_password: "{{k8s_scaleway_deploy_user_password}}"
-harden_linux_deploy_user_home: /home/deploy
-harden_linux_ufw_defaults_user:
-  "^DEFAULT_FORWARD_POLICY": 'DEFAULT_FORWARD_POLICY="ACCEPT"'
-harden_linux_deploy_user_public_keys: "{{ scw_authorized_keys }}"
-harden_linux_ufw_allow_networks:
-  - "10.0.0.0/8"
-  - "172.16.0.0/12"
-  - "192.168.0.0/16"
-harden_linux_sysctl_settings_user:
-  "net.ipv4.ip_forward": 1
-  "net.ipv6.conf.default.forwarding": 1
-  "net.ipv6.conf.all.forwarding": 1
-harden_linux_ufw_logging: 'on'
-harden_linux_sshguard_whitelist:
-  - "127.0.0.0/8"
-  - "::1/128"
-  - "212.83.165.111"
-  - "10.3.0.0/24"
-  - "10.200.0.0/16"
-