phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Custom peervpn role

Browse source
This commit is contained in:
Paul-Henri Froidmont 2018-07-31 02:33:56 +02:00
parent bc0f0c4894
commit fbab1d084a
22 changed files with 1162 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

2
group_vars/all/vars
View file

@ -46,7 +46,7 @@ harden_linux_sshguard_whitelist:
peervpn_conf_networkname: "peervpn"
peervpn_conf_psk: "{{k8s_peervpn_pre_shared_key}}"
peervpn_conf_initpeers: "master1.banditlair.com 7000"
peervpn_conf_initpeers: "{{ hostvars[groups['k8s_worker'][0]].public_ip }} {{ peervpn_conf_port }}"
peervpn_conf_enabletunneling: "yes"
peervpn_conf_interface: "tap0"
peervpn_conf_port: 7000

1
group_vars/k8s_master Normal file
View file

@ -0,0 +1 @@
peervpn_conf_ifconfig4: "10.3.0.{{ index }}/24"

1
group_vars/k8s_worker
View file

@ -1,3 +1,4 @@
peervpn_conf_ifconfig4: "10.3.0.{{ 100+(index|int) }}/24"
harden_linux_ufw_rules:
- rule: "allow"
to_port: "22"