From c5c7c8ce88c4e44bc3580a66ff269e181c9715a4 Mon Sep 17 00:00:00 2001
From: Sonny Bakker
Date: Sat, 26 Apr 2025 09:48:58 +0200
Subject: [PATCH 1/2] Revert to route only domains
Resolution sometimes fails as HTTPS requests are not possible yet to some domains. This causes HTTP requests to fail later on. Can be reproduced by doing a HTTPS request first (for a domain configured without HTTPS) and retrying with a HTTP request afterwards.
---
host_vars/desktop/vpn.yml | 14 +++++++-------
host_vars/xps/vpn.yml | 14 +++++++-------
templates/personal/desktop/network/wg0.network.j2 | 2 +-
templates/personal/desktop/network/wg1.network.j2 | 2 +-
templates/personal/xps/network/wg0.network.j2 | 2 +-
templates/personal/xps/network/wg1.network.j2 | 2 +-
6 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/host_vars/desktop/vpn.yml b/host_vars/desktop/vpn.yml
index dc04880..c738313 100644
--- a/host_vars/desktop/vpn.yml
+++ b/host_vars/desktop/vpn.yml
@@ -5,11 +5,11 @@ vpn_default:
interface: wg0
dns: 10.0.0.1
domains:
- - 'vpn.{{ server_domain }}'
- - 'transmission.{{ server_domain }}'
- - 'syncthing.{{ server_domain }}'
- - 'radicale.{{ server_domain }}'
- - 'mpd.{{ server_domain }}'
+ - '~vpn.{{ server_domain }}'
+ - '~transmission.{{ server_domain }}'
+ - '~syncthing.{{ server_domain }}'
+ - '~radicale.{{ server_domain }}'
+ - '~mpd.{{ server_domain }}'
public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key'
@@ -33,8 +33,8 @@ vpn_media:
interface: wg1
dns: 10.0.1.1
domains:
- - 'media-vpn.{{ server_domain }}'
- - 'jellyfin.{{ server_domain }}'
+ - '~media-vpn.{{ server_domain }}'
+ - '~jellyfin.{{ server_domain }}'
public_key_path: '{{ vpn_config_dir }}/keys/public/media/desktop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/media/desktop.key'
diff --git a/host_vars/xps/vpn.yml b/host_vars/xps/vpn.yml
index cd9d2ea..59ab2e1 100644
--- a/host_vars/xps/vpn.yml
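Review bot: The added entries under `vpn_default.domains` and `vpn_media.domains` now carry the systemd-networkd `~` marker inside the host data, so route-only behaviour depends on every future entry being typed with the prefix; one added bare would be rendered as a search domain, which appears to be the setup this commit reverts. Keeping plain names here and prefixing in the template, `Domains={{ vpn_default.domains | map('regex_replace', '^(.*)$', '~\\1') | join(' ') }}`, enforces it in one place. The same applies to host_vars/xps/vpn.yml and the four wg*.network.j2 templates. Whether anything else reads these lists is not visible in the patch; if it does, it now receives `~`-prefixed names.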
+++ b/host_vars/xps/vpn.yml
@@ -7,11 +7,11 @@ vpn_default:
interface: wg0
dns: 10.0.0.1
domains:
- - 'vpn.{{ server_domain }}'
- - 'transmission.{{ server_domain }}'
- - 'syncthing.{{ server_domain }}'
- - 'radicale.{{ server_domain }}'
- - 'mpd.{{ server_domain }}'
+ - '~vpn.{{ server_domain }}'
+ - '~transmission.{{ server_domain }}'
+ - '~syncthing.{{ server_domain }}'
+ - '~radicale.{{ server_domain }}'
+ - '~mpd.{{ server_domain }}'
public_key_path: '{{ vpn_config_dir }}/keys/public/default/laptop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/default/laptop.key'
@@ -35,8 +35,8 @@ vpn_media:
interface: wg1
dns: 10.0.1.1
domains:
- - 'media-vpn.{{ server_domain }}'
- - 'jellyfin.{{ server_domain }}'
+ - '~media-vpn.{{ server_domain }}'
+ - '~jellyfin.{{ server_domain }}'
public_key_path: '{{ vpn_config_dir }}/keys/public/media/laptop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/media/laptop.key'
diff --git a/templates/personal/desktop/network/wg0.network.j2 b/templates/personal/desktop/network/wg0.network.j2
index d583bc6..36beed3 100644
--- a/templates/personal/desktop/network/wg0.network.j2
+++ b/templates/personal/desktop/network/wg0.network.j2
@@ -6,4 +6,4 @@ Name={{ vpn_default.interface }}
[Network]
Address={{ vpn_default.ip }}/{{ vpn_default.prefix }}
DNS={{ vpn_default.dns }}
-Domains={{ vpn_default.domains | join(' ') }} {{ vpn_default.domains | map('regex_replace', '^(.*)$', '~\\1') | join(' ') }}
+Domains={{ vpn_default.domains | join(' ') }}
diff --git a/templates/personal/desktop/network/wg1.network.j2 b/templates/personal/desktop/network/wg1.network.j2
index 5e8d1c5..5ea0ce9 100644
--- a/templates/personal/desktop/network/wg1.network.j2
+++ b/templates/personal/desktop/network/wg1.network.j2
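Review bot: The four wg*.network.j2 files take the same one-line edit, and the index lines show the desktop and xps copies are identical blobs (d583bc6 to 36beed3 for wg0, 5e8d1c5 to 5ea0ce9 for wg1), so every DNS or routing fix has to be repeated per host by hand. One template per interface shared by both hosts would remove the chance of a fix landing on one machine and missing the other. Where the copies stay, a first-line Jinja comment such as `{# keep in sync with templates/personal/xps/network/wg0.network.j2 #}` would at least flag the twin. The rest of each template lies outside these hunks.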
@@ -6,4 +6,4 @@ Name={{ vpn_media.interface }}
[Network]
Address={{ vpn_media.ip }}/{{ vpn_media.prefix }}
DNS={{ vpn_media.dns }}
-Domains={{ vpn_media.domains | join(' ') }} {{ vpn_media.domains | map('regex_replace', '^(.*)$', '~\\1') | join(' ') }}
+Domains={{ vpn_media.domains | join(' ') }}
diff --git a/templates/personal/xps/network/wg0.network.j2 b/templates/personal/xps/network/wg0.network.j2
index d583bc6..36beed3 100644
--- a/templates/personal/xps/network/wg0.network.j2
+++ b/templates/personal/xps/network/wg0.network.j2
@@ -6,4 +6,4 @@ Name={{ vpn_default.interface }}
[Network]
Address={{ vpn_default.ip }}/{{ vpn_default.prefix }}
DNS={{ vpn_default.dns }}
-Domains={{ vpn_default.domains | join(' ') }} {{ vpn_default.domains | map('regex_replace', '^(.*)$', '~\\1') | join(' ') }}
+Domains={{ vpn_default.domains | join(' ') }}
diff --git a/templates/personal/xps/network/wg1.network.j2 b/templates/personal/xps/network/wg1.network.j2
index 5e8d1c5..5ea0ce9 100644
--- a/templates/personal/xps/network/wg1.network.j2
+++ b/templates/personal/xps/network/wg1.network.j2
@@ -6,4 +6,4 @@ Name={{ vpn_media.interface }}
[Network]
Address={{ vpn_media.ip }}/{{ vpn_media.prefix }}
DNS={{ vpn_media.dns }}
-Domains={{ vpn_media.domains | join(' ') }} {{ vpn_media.domains | map('regex_replace', '^(.*)$', '~\\1') | join(' ') }}
+Domains={{ vpn_media.domains | join(' ') }}
From f5ada68b2ba27230a45f59a5224d1aa89dbd4cf1 Mon Sep 17 00:00:00 2001
From: Sonny Bakker
Date: Sat, 26 Apr 2025 09:54:08 +0200
Subject: [PATCH 2/2] Use group name in playbook file
---
inventory.yml | 2 +-
playbook.yml | 4 +---
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/inventory.yml b/inventory.yml
index 610f4b7..6aab803 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -1,5 +1,5 @@
personal:
- hosts:
+ hosts:
xps:
ansible_connection: local
desktop:
diff --git a/playbook.yml b/playbook.yml
index 3108293..60eba42 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -1,7 +1,5 @@ - name: Arch Linux provisioning - hosts: - - xps - - desktop + hosts: personal gather_facts: true roles: - common
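Review bot: `hosts: personal` ties the play's targets to group membership, so a host later added under `personal` in inventory.yml is provisioned by this play with no change to this file. inventory.yml gives xps `ansible_connection: local` (desktop's settings are cut off in that hunk), so a run without a limit would apply xps's host_vars on whichever machine invokes it. A comment above the play, `# run with --limit <this-host>; inventory hosts use ansible_connection: local`, would document that. A pre_task asserting `inventory_hostname == ansible_hostname` would enforce it, provided inventory names match the machines' hostnames.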