Add media vpn setup

2024-08-03 21:03:07 +02:00 · 2024-08-03 21:03:07 +02:00 · 7c4dd0d3c2
commit 7c4dd0d3c2
parent cf061d3779
25 changed files with 257 additions and 66 deletions
--- a/vars/desktop.yml
+++ b/vars/desktop.yml
@ -1,27 +1,64 @@
 platform_packages: []

-vpn_ip: '10.0.0.3'
-vpn_subnet: '24'
+vpn_default:
+  ip: '10.0.0.3'
+  subnet: '24'
+  interface: 'wg0'

-vpn_public_key_path: '/etc/wireguard/keys/public/desktop.pub'
-vpn_private_key_path: '/etc/wireguard/keys/private/desktop.key'
+  public_key_path: '/etc/wireguard/keys/public/default/desktop.pub'
+  private_key_path: '/etc/wireguard/keys/private/default/desktop.key'
+  
+  private_key: !vault |
+    $ANSIBLE_VAULT;1.1;AES256
+    65386334366166306164363464633364383935313739373730373139663139373964336665636264
+    3563663038313039363230623266393164646164373739620a623536633631643231633938613461
+    63366239333230663531306333383962353937353736663336343434663633303232386531353832
+    6434633935333538650a613065306239333031656362356165326136333131356135383436326561
+    62303035386634636333353664373231633434656538303866386262353139363439363435346637
+    6637363334623133376134306165626564343864633032613763

-vpn_private_key: !vault |
-  $ANSIBLE_VAULT;1.1;AES256
-  65386334366166306164363464633364383935313739373730373139663139373964336665636264
-  3563663038313039363230623266393164646164373739620a623536633631643231633938613461
-  63366239333230663531306333383962353937353736663336343434663633303232386531353832
-  6434633935333538650a613065306239333031656362356165326136333131356135383436326561
-  62303035386634636333353664373231633434656538303866386262353139363439363435346637
-  6637363334623133376134306165626564343864633032613763
+  peers:
+    - {
+        name: 'zeus',
+        allowd_ips: '10.0.0.1/32',
+        endpoint: 'fudiggity.nl:51902',
+        public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=',
+        preshared_key_path: '/etc/wireguard/keys/private/default/preshared-zeus.psk',
+        preshared_key_source_path: 'files/desktop/wireguard/default/preshared.psk',
+        preshared_key: !vault "$ANSIBLE_VAULT;1.1;AES256\r\n363333633336613939306632323163396239303739366135393232396134393266623939613534326238393638333137383235313039623264343932303038330a633934373638363966306533346235326234663464313963356238623064666430303030643533666536393662316237333463336462376366343335363131350a333135366239633765633136316133653535336661666461666365636233656165666635663037386666323931643265623233366133623237663734623661623661316436396465343866363266393565653237636136626536353630383263",
+      }

-vpn_peers:
-  - {
-      name: 'zeus',
-      allowd_ips: '10.0.0.1/32',
-      endpoint: 'fudiggity.nl:51902',
-      public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=',
-      preshared_key_path: '/etc/wireguard/keys/private/preshared-zeus.psk',
-      preshared_key_source_path: 'files/desktop/wireguard/preshared.psk',
-      preshared_key: !vault "$ANSIBLE_VAULT;1.1;AES256\r\n363333633336613939306632323163396239303739366135393232396134393266623939613534326238393638333137383235313039623264343932303038330a633934373638363966306533346235326234663464313963356238623064666430303030643533666536393662316237333463336462376366343335363131350a333135366239633765633136316133653535336661666461666365636233656165666635663037386666323931643265623233366133623237663734623661623661316436396465343866363266393565653237636136626536353630383263",
-    }
+vpn_media:
+  ip: '10.0.1.3'
+  subnet: '24'
+  interface: 'wg1'
+
+  public_key_path: '/etc/wireguard/keys/public/media/desktop.pub'
+  private_key_path: '/etc/wireguard/keys/private/media/desktop.key'
+
+  private_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          62396362373339306463343330346431613538383236663666386135383864303835616161336662
+          6633313937313261313033323361383866313639643733650a363730393538623463313362343133
+          34643530303832393530666239636263353435353031316166366638666132323034313662653334
+          3238313161363632380a356464626364656465616231346463366632386635353861303934653036
+          34363436616334386463353463303537346234346666366631333634393733613164636466633137
+          3265386536663664626236343062336662373638656435303966
+
+  peers:
+    - {
+        name: 'zeus-media',
+        allowd_ips: '10.0.1.1/32',
+        endpoint: 'fudiggity.nl:51903',
+        public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=',
+        preshared_key_path: '/etc/wireguard/keys/private/media/preshared-zeus.psk',
+        preshared_key_source_path: 'files/laptop/wireguard/media/preshared.psk',
+        preshared_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          30613935653234316531633935306432343432343266346236383330393030346337313765346333
+          6366303237376564346131623662323066316435613737610a303439333438656663626334313134
+          32623138656664336462643835386435326536313734333535336534656565393934356438313062
+          3561656264663365390a303239613536393539636464656466373531623664633637663937333438
+          65663837353931373436613964633139396531653834386364383666336361376435383965643061
+          6233633761343562386534316336613062626236313833643066,
+      }