sonny/arch-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: sonny:8920ba56f32d2e75b4691693542340f867aea4b5
Branches Tags
sonny:main
sonny:wireguard-refactor
sonny:file-structure
..
compare: sonny:2d2fb508f0af2cec7394b122a3b5694e0eca44a6
Branches Tags
sonny:main
sonny:wireguard-refactor
sonny:file-structure

No commits in common. "8920ba56f32d2e75b4691693542340f867aea4b5" and "2d2fb508f0af2cec7394b122a3b5694e0eca44a6" have entirely different histories.
8920ba56f3 ... 2d2fb508f0

6 changed files with 8 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tasks/mpd.yml
View file

@ -17,7 +17,7 @@
ansible.builtin.file: ansible.builtin.file:
path: '{{ item.path }}' path: '{{ item.path }}'
state: '{{ item.state }}' state: '{{ item.state }}'
mode: '0755' mode: '0644'
loop: loop:
- path: '{{ mpd_configuration_dir }}' - path: '{{ mpd_configuration_dir }}'
state: 'directory' state: 'directory'
@ -34,6 +34,8 @@
ansible.builtin.file: ansible.builtin.file:
path: '{{ item.path }}' path: '{{ item.path }}'
state: '{{ item.state }}' state: '{{ item.state }}'
mode: '0644'
recurse: '{{ item.path is directory }}'
loop: loop:
- path: '{{ mpd_configuration_dir }}/log' - path: '{{ mpd_configuration_dir }}/log'
state: 'absent' state: 'absent'
@ -48,7 +50,7 @@
ansible.builtin.template: ansible.builtin.template:
src: '{{ item.src }}' src: '{{ item.src }}'
dest: '{{ item.dest }}' dest: '{{ item.dest }}'
mode: '0755' mode: '0644'
loop: loop:
- src: 'templates/mpd/mpd.conf.j2' - src: 'templates/mpd/mpd.conf.j2'
dest: '{{ mpd_configuration_dir }}/mpd.conf' dest: '{{ mpd_configuration_dir }}/mpd.conf'

4
templates/desktop/network/wg0.netdev.j2
View file

@ -12,9 +12,7 @@ PrivateKeyFile={{ vpn_default.private_key_path }}
[WireGuardPeer] [WireGuardPeer]
PublicKey={{ peer.public_key }} PublicKey={{ peer.public_key }}
PresharedKeyFile={{ peer.preshared_key_path }} PresharedKeyFile={{ peer.preshared_key_path }}
{% for ip in peer.allowed_ips %} AllowedIPs={{ peer.allowd_ips }}
AllowedIPs={{ ip.address }}
{% endfor %}
{% if peer.endpoint %} {% if peer.endpoint %}
Endpoint={{ peer.endpoint }} Endpoint={{ peer.endpoint }}
{% endif %} {% endif %}

10
templates/desktop/network/wg0.network.j2
View file

@ -7,13 +7,3 @@ Name={{ vpn_default.interface }}
Address={{ vpn_default.ip }}/{{ vpn_default.subnet }} Address={{ vpn_default.ip }}/{{ vpn_default.subnet }}
DNS={{ vpn_default.dns }} DNS={{ vpn_default.dns }}
Domains={{ vpn_default.domains | join(' ') }} Domains={{ vpn_default.domains | join(' ') }}
{% for peer in vpn_default.peers %}
{% for ip in peer.allowed_ips %}
{% if ip.create_route %}
[Route]
Destination={{ ip.address }}
Scope=link
{% endif %}
{% endfor %}
{% endfor %}

4
templates/desktop/network/wg1.netdev.j2
View file

@ -12,9 +12,7 @@ PrivateKeyFile={{ vpn_media.private_key_path }}
[WireGuardPeer] [WireGuardPeer]
PublicKey={{ peer.public_key }} PublicKey={{ peer.public_key }}
PresharedKeyFile={{ peer.preshared_key_path }} PresharedKeyFile={{ peer.preshared_key_path }}
{% for ip in peer.allowed_ips %} AllowedIPs={{ peer.allowd_ips }}
AllowedIPs={{ ip.address }}
{% endfor %}
{% if peer.endpoint %} {% if peer.endpoint %}
Endpoint={{ peer.endpoint }} Endpoint={{ peer.endpoint }}
{% endif %} {% endif %}

10
templates/desktop/network/wg1.network.j2
View file

@ -7,13 +7,3 @@ Name={{ vpn_media.interface }}
Address={{ vpn_media.ip }}/{{ vpn_media.subnet }} Address={{ vpn_media.ip }}/{{ vpn_media.subnet }}
DNS={{ vpn_media.dns }} DNS={{ vpn_media.dns }}
Domains={{ vpn_media.domains | join(' ') }} Domains={{ vpn_media.domains | join(' ') }}
{% for peer in vpn_media.peers %}
{% for ip in peer.allowed_ips %}
{% if ip.create_route %}
[Route]
Destination = {{ ip.address }}
Scope = link
{% endif %}
{% endfor %}
{% endfor %}

12
vars/desktop.yml
View file

@ -18,7 +18,6 @@ boot_configuration:
disk: /dev/sdc disk: /dev/sdc
partition: 1 partition: 1
# TODO: scope variables to their destination file
vpn_default: vpn_default:
ip: '10.0.0.3' ip: '10.0.0.3'
subnet: '24' subnet: '24'
@ -26,7 +25,6 @@ vpn_default:
dns: '10.0.0.1' dns: '10.0.0.1'
domains: domains:
- ~vpn.fudiggity.nl - ~vpn.fudiggity.nl
- ~transmission.fudiggity.nl
public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub' public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key' private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key'
@ -34,11 +32,7 @@ vpn_default:
peers: peers:
- name: 'zeus' - name: 'zeus'
allowed_ips: allowd_ips: '10.0.0.1/32'
- address: '10.0.0.0/24'
create_route: false
- address: '172.16.238.0/24'
create_route: true
endpoint: 'fudiggity.nl:51902' endpoint: 'fudiggity.nl:51902'
public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=' public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo='
preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk' preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk'
@ -58,9 +52,7 @@ vpn_media:
peers: peers:
- name: 'zeus-media' - name: 'zeus-media'
allowed_ips: allowd_ips: '10.0.1.1/32'
- address: '10.0.1.0/24'
create_route: false
endpoint: 'fudiggity.nl:51903' endpoint: 'fudiggity.nl:51903'
public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=' public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg='
preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk' preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk'