crans
/
ansible
mirror of http://gitlab.adm.crans.org/nounous/ansible.git
19
0
Fork 0
Code Issues Projects Releases Wiki Activity
ansible/host_vars/vol447.adm.crans.org.yml

21 lines
1.1 KiB
YAML
Raw Blame History

---
interfaces:
adm: ens18
srv: ens19
loc_wireguard:
tunnels:
- name: gulp
listen_port: 51820
private_key: "{{ vault.wireguard.vol447.privkey }}"
peers:
- public_key: "{{ vault.wireguard.charybde.pubkey }}"
allowed_ips:
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv4 | first }}/32"
- "{{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }}/128"
endpoint: "{{ query('ldap', 'ip', 'freebox', 'srv') | ansible.utils.ipv4 | first }}:51820"
post_up: sysctl -w net.ipv4.conf.ens18.proxy_arp=1; sysctl -w net.ipv4.conf.gulp.proxy_arp=1; sysctl -w net.ipv6.conf.ens18.proxy_ndp=1; sysctl -w net.ipv6.conf.gulp.proxy_ndp=1;
ip neigh add proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18
post_down: sysctl -w net.ipv4.conf.ens18.proxy_arp=0; sysctl -w net.ipv4.conf.gulp.proxy_arp=0; sysctl -w net.ipv6.conf.ens18.proxy_ndp=0; sysctl -w net.ipv6.conf.gulp.proxy_ndp=0;
ip neigh delete proxy {{ query('ldap', 'ip', 'charybde', 'adm') | ansible.utils.ipv6 | first }} dev ens18
Reference in New Issue View Git Blame Copy Permalink