wireguard: Add desktop access to internal network For now only access to the main server.
3 files changed, 9 insertions(+), 2 deletions(-) M host_vars/fenrir.xenrox.net/vars.yml M host_vars/xenrox.net/vars.yml M roles/wireguard/templates/wg0.netdev.j2
M host_vars/fenrir.xenrox.net/vars.yml => host_vars/fenrir.xenrox.net/vars.yml +1 -1
M host_vars/xenrox.net/vars.yml => host_vars/xenrox.net/vars.yml +1 -1
@@ 7,7 7,7 @@ ipv6_netmask: "/64" ipv6_gateway: "fe80::1" network_interface: enp9s0 wireguard_address: 10.0.0.1 wireguard_address: 10.0.0.2 wireguard_vpn_subnet: 10.200.200.0/24 borg_user: u272193-sub1
M roles/wireguard/templates/wg0.netdev.j2 => roles/wireguard/templates/wg0.netdev.j2 +7 -0
@@ 15,3 15,10 @@ AllowedIPs={{ hostvars[host]['wireguard_address'] }}/32 Endpoint={{ host }}:51820 {% endfor %} {% if inventory_hostname == 'xenrox.net' %} [WireGuardPeer] PublicKey={{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.pub:content') | trim }} PresharedKey={{ lookup('community.hashi_vault.hashi_vault', 'ansible/data/wireguard/localhost.psk:content') | trim }} AllowedIPs=10.0.0.1/32 {% endif %}
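Review bot: The new peer's `AllowedIPs=10.0.0.1/32` is a literal in the role template, while the looped peers take theirs from `hostvars[host]['wireguard_address']`, so nothing keeps the desktop's address distinct from a host's. The same value also appears as a `wireguard_address` in host_vars/xenrox.net/vars.yml in this commit. WireGuard routes by AllowedIPs, and when two peers on one interface claim the same /32 only one of them keeps it. I would move the address into a variable, e.g. `AllowedIPs={{ wireguard_desktop_address }}/32` (the variable name is only a suggestion), and fail the play when it equals any host's `wireguard_address`. Separately, `PresharedKey=` writes the Vault secret into the rendered wg0.netdev, and the task that installs the template is not visible here, so confirm it sets owner root:systemd-network and mode 0640, or switch to `PresharedKeyFile=` to keep the secret out of the unit; the peer loop this block follows starts outside the hunk.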