sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: sonny:131a4f3eb6797c8c1f88ac1cfe675a3c8f6b9d27
Branches Tags
sonny:main
..
compare: sonny:8d2b587072e7172388bbb38bfc6f4bc8092b8ea7
Branches Tags
sonny:main

No commits in common. "131a4f3eb6797c8c1f88ac1cfe675a3c8f6b9d27" and "8d2b587072e7172388bbb38bfc6f4bc8092b8ea7" have entirely different histories.
131a4f3eb6 ... 8d2b587072

5 changed files with 25 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

7
files/wireguard/default/preshared-thinkpad.psk
View file

@ -1,7 +0,0 @@
$ANSIBLE_VAULT;1.1;AES256
34643535393664343461666562656166373165313335356663353265623065386163383133373534
3262623130653739353461353838343433303766643436340a373365613736643539323331623363
30366161623566663066376531343361336332333238333236376266313566643961346336653933
3933623933626231650a326632353837386630666265343238616333303765636666646665663839
38393961633066626431653561386136376564643237653939383938386161613037333436353865
6533316130613366616663633830656530383466333664383532

10
host_vars/fudiggity/vpn.yml
View file

@ -6,11 +6,11 @@ vpn_server_key_path: "{{ vpn_config_dir }}/keys/private/server.key"
copy_vpn_configurations: false copy_vpn_configurations: false
vpn_peers: vpn_peers:
thinkpad: laptop:
ip: "10.0.0.5" ip: "10.0.0.2"
public_key: "MOdt0GmrJWOAsL78TcHRNrBMF2jC9mviJrP5gqFzKxo=" public_key: "EbWLf2+7x/RymeeiVuX72nZOBqPvdhu2V9pYhszpQEw="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-thinkpad.psk" preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-laptop.psk"
preshared_key_source_path: "files/wireguard/default/preshared-thinkpad.psk" preshared_key_source_path: "files/wireguard/default/preshared-laptop.psk"
desktop: desktop:
ip: "10.0.0.3" ip: "10.0.0.3"

30
host_vars/fudiggity/vpn_media.yml
View file

@ -8,27 +8,18 @@ copy_vpn_media_configurations: false
# private_key_source_path keys are required for clients which get their configuration # private_key_source_path keys are required for clients which get their configuration
# generated. # generated.
vpn_media_peers: vpn_media_peers:
laptop:
ip: 10.0.1.2
public_key: "hI4rqlv2afs4RJkt5xR+dYxQODSd6lR0OqWJRlnQdjM="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-laptop.psk"
preshared_key_source_path: files/wireguard/media/preshared-laptop.psk
desktop: desktop:
ip: 10.0.1.3 ip: 10.0.1.3
public_key: "YDH5lZcxUHM4AU2ZxQrFqjDIV2Z7PSUQKMcYXLExV0E=" public_key: "YDH5lZcxUHM4AU2ZxQrFqjDIV2Z7PSUQKMcYXLExV0E="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-desktop.psk" preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-desktop.psk"
preshared_key_source_path: files/wireguard/media/preshared-desktop.psk preshared_key_source_path: files/wireguard/media/preshared-desktop.psk
thinkpad:
ip: 10.0.1.9
public_key: "znOvNe+KL6R/mE1OkjuTRcGDpgU8JLWBe5bNc027nWE="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-thinkpad.psk"
preshared_key_source_path: files/wireguard/media/preshared-thinkpad.psk
htpc:
ip: 10.0.1.8
allowed_ips:
- "{{ vpn_media_subnet }}"
- "{{ jellyfin_subnet }}"
public_key: "XcWpmGrkSQJUEADrDTUmcA7/dm8HQffbdC03rQ/3fwg="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-htpc.psk"
preshared_key_source_path: files/wireguard/media/preshared-htpc.psk
mobile_peer_1: mobile_peer_1:
ip: 10.0.1.4 ip: 10.0.1.4
allowed_ips: allowed_ips:
@ -68,3 +59,12 @@ vpn_media_peers:
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-tv-2.psk" preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-media-tv-2.psk"
preshared_key_source_path: files/wireguard/media/preshared-tv-2.psk preshared_key_source_path: files/wireguard/media/preshared-tv-2.psk
private_key_source_path: files/wireguard/media/tv-2.key private_key_source_path: files/wireguard/media/tv-2.key
htpc:
ip: 10.0.1.8
allowed_ips:
- "{{ vpn_media_subnet }}"
- "{{ jellyfin_subnet }}"
public_key: "XcWpmGrkSQJUEADrDTUmcA7/dm8HQffbdC03rQ/3fwg="
preshared_key_path: "{{ vpn_config_dir }}/keys/private/preshared-htpc.psk"
preshared_key_source_path: files/wireguard/media/preshared-htpc.psk

8
tasks/wireguard.yml
View file

@ -12,7 +12,7 @@
dest: "/etc/systemd/network/wg0.netdev" dest: "/etc/systemd/network/wg0.netdev"
- src: "templates/network/wireguard/default/wg0.network.j2" - src: "templates/network/wireguard/default/wg0.network.j2"
dest: "/etc/systemd/network/wg0.network" dest: "/etc/systemd/network/wg0.network"
notify: Restart systemd-networkd notify: restart systemd-networkd
- name: Create Wireguard directories - name: Create Wireguard directories
become: true become: true
@ -41,7 +41,7 @@
dest: "{{ vpn_server_public_key_path }}" dest: "{{ vpn_server_public_key_path }}"
- src: "files/wireguard/default/server.key" - src: "files/wireguard/default/server.key"
dest: "{{ vpn_server_key_path }}" dest: "{{ vpn_server_key_path }}"
notify: Restart systemd-networkd notify: restart systemd-networkd
- name: Copy Wireguard mobile credentials - name: Copy Wireguard mobile credentials
become: true become: true
@ -56,7 +56,7 @@
dest: "{{ vpn_config_dir }}/keys/public/mobile.pub" dest: "{{ vpn_config_dir }}/keys/public/mobile.pub"
- src: "files/wireguard/default/mobile.key" - src: "files/wireguard/default/mobile.key"
dest: "{{ vpn_config_dir }}/keys/private/mobile.key" dest: "{{ vpn_config_dir }}/keys/private/mobile.key"
notify: Restart systemd-networkd notify: restart systemd-networkd
- name: Copy Wireguard preshared keys - name: Copy Wireguard preshared keys
become: true become: true
@ -67,7 +67,7 @@
group: systemd-network group: systemd-network
mode: "0640" mode: "0640"
with_dict: "{{ vpn_peers }}" with_dict: "{{ vpn_peers }}"
notify: Restart systemd-networkd notify: restart systemd-networkd
- name: Copy Wireguard mobile configuration - name: Copy Wireguard mobile configuration
become: true become: true

2
tasks/wireguard_media.yml
View file

@ -12,7 +12,7 @@
dest: /etc/systemd/network/wg1.netdev dest: /etc/systemd/network/wg1.netdev
- src: templates/network/wireguard/media/wg1.network.j2 - src: templates/network/wireguard/media/wg1.network.j2
dest: /etc/systemd/network/wg1.network dest: /etc/systemd/network/wg1.network
notify: Restart systemd-networkd notify: restart systemd-networkd
- name: Create Wireguard media directories - name: Create Wireguard media directories
become: true become: true