Commit 977eda2f authored by poulpe's avatar poulpe

[Update] Add config for wireguard + somes script for generating keys

parent 205a2986
auto {{ all[inventory_hostname].ifname }}
iface {{ all[inventory_hostname].ifname }} inet static
address {{ all[inventory_hostname].ifip }}
netmask {{ all[inventory_hostname].ifcidr }}
auto {{ all[inventory_hostname].ifname2 }}
iface {{ all[inventory_hostname].ifname2 }} inet static
address {{ all[inventory_hostname].ifip2 }}
netmask {{ all[inventory_hostname].ifcidr2 }}
{% if inventory_hostname != "R2" %}
post-up ip route add 3.0.0.0/24 nexthop via {{ all[inventory_hostname].ifgw }}
{% endif %}
{% if inventory_hostname != "R1" %}
post-up ip route add 1.0.0.0/24 nexthop via {{ all[inventory_hostname].ifgw }}
{% endif %}
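Review bot: The two `post-up` routes hard-code their destinations (`3.0.0.0/24`, `1.0.0.0/24`) and are selected by comparing `inventory_hostname` with "R1" and "R2", so any host other than those two would get both routes. The inventory on this page already has an `iftarget` key for H1 and H2; giving R1 and R2 the same key would reduce both conditionals to `post-up ip route add {{ all[inventory_hostname].iftarget }} nexthop via {{ all[inventory_hostname].ifgw }}`. The same template text appears a second time further down the page, so one shared template would avoid the two copies drifting apart.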
server {
listen 10.0.0.0:80;
listen 127.0.0.1:80;
server_name internal_web_site;
location / {
root /var/www/;
index index.html;
}
}
\ No newline at end of file
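Review bot: `listen 10.0.0.0:80;` names the network address of the 10.0.0.0/24 tunnel subnet rather than an address a host holds; the WireGuard configs on this page assign 10.0.0.1 and 10.0.0.2, so nginx will most likely fail to bind. If the site is meant to be reachable only through the tunnel, bind the tunnel address of the host that serves it, e.g. `listen 10.0.0.1:80;` if that host is H2. That address exists only once the WireGuard interface is up, so nginx has to start after it. `root /var/www/;` also exposes everything under /var/www, so a dedicated subdirectory would keep unrelated files out of the site.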
auto {{ all[inventory_hostname].ifname }}
iface {{ all[inventory_hostname].ifname }} inet static
address {{ all[inventory_hostname].ifip }}
netmask {{ all[inventory_hostname].ifcidr }}
auto {{ all[inventory_hostname].ifname2 }}
iface {{ all[inventory_hostname].ifname2 }} inet static
address {{ all[inventory_hostname].ifip2 }}
netmask {{ all[inventory_hostname].ifcidr2 }}
{% if inventory_hostname != "R2" %}
post-up ip route add 3.0.0.0/24 nexthop via {{ all[inventory_hostname].ifgw }}
{% endif %}
{% if inventory_hostname != "R1" %}
post-up ip route add 1.0.0.0/24 nexthop via {{ all[inventory_hostname].ifgw }}
{% endif %}
[Interface]
Address = 10.0.0.2/24
ListenPort = 51820
PrivateKey = {{ keys["H1PRIV"] }}
[Peer]
PublicKey = {{ keys["H2PUB"] }}
Endpoint = 3.0.0.2:51820
AllowedIPs = 0.0.0.0/0, ::/0
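Review bot: `AllowedIPs = 0.0.0.0/0, ::/0` routes all of H1's traffic into the tunnel, IPv6 included, although the interface only has the IPv4 address 10.0.0.2/24. If the tunnel exists only to reach hosts on the VPN subnet, `AllowedIPs = 10.0.0.0/24` is the narrower setting; if a full tunnel is intended, a comment saying so would help the next reader. The rendered file contains the private key from `keys["H1PRIV"]`, so the task that deploys it (not visible here) should write it root-owned with mode 0600, and the `keys` values should live in an encrypted vars file.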
[Interface]
Address = 10.0.0.1/24
PrivateKey = {{ keys["H2PRIV"] }}
ListenPort = 51820
{# PostUp = nft -f nft.sh %i #}
{# PostUp = nft add rule ip nat POSTROUTING oifname "eth0" counter masquerade;nft add rule ip filter FORWARD iifname "eth0" counter accept
PostDown = nft del rule ip nat POSTROUTING oifname "eth0" counter masquerade;nft del rule ip filter FORWARD iifname "eth0" counter accept #}
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = {{ keys["H1PUB"] }}
AllowedIPs = 10.0.0.0/24
\ No newline at end of file
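Review bot: In the `[Peer]` block, `AllowedIPs = 10.0.0.0/24` lets the H1 key send packets with any source address in the subnet, including H2's own 10.0.0.1, because on the receiving side AllowedIPs acts as the source filter for that peer. H1 is configured with 10.0.0.2, so `AllowedIPs = 10.0.0.2/32` is the matching entry and leaves room for further peers. The `PostUp`/`PostDown` rules accept everything forwarded from `%i` and hard-code `eth0`; restricting the FORWARD rule to the intended destinations and taking the interface name from the inventory (`all[inventory_hostname].ifname`) would tighten this.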
---
all:
H1:
ifname: "eth0"
ifip: "1.0.0.2"
ifcidr: "255.255.255.0"
ifgw: "1.0.0.1"
iftarget: "3.0.0.0/24"
H2:
ifname: "eth0"
ifip: "3.0.0.2"
ifcidr: "255.255.255.0"
ifgw: "3.0.0.1"
iftarget: "1.0.0.0/24"
title: "WebPoulpy"
wgport: 51820
R1:
ifname: "eth1"
ifip: "1.0.0.1"
ifcidr: "255.255.255.0"
ifname2: "eth0"
ifip2: "2.0.0.1"
ifcidr2: "255.255.255.0"
ifgw: "2.0.0.2"
R2:
ifname: "eth0"
ifip: "2.0.0.2"
ifcidr: "255.255.255.0"
ifname2: "eth1"
ifip2: "3.0.0.1"
ifcidr2: "255.255.255.0"
ifgw: "2.0.0.1"
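Review bot: `wgport: 51820` is defined under H2, but both WireGuard templates on this page hard-code `51820` in `ListenPort` and `Endpoint`, so changing the inventory value would have no effect. Either reference it from the templates, e.g. `ListenPort = {{ all["H2"].wgport }}`, or drop the key. The `ifcidr`/`ifcidr2` keys hold dotted netmasks (`255.255.255.0`) and are rendered into `netmask` lines, so a name such as `ifnetmask` would describe the value more accurately.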
PASSWORD_HERE
\ No newline at end of file
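Review bot: This file holds only the placeholder `PASSWORD_HERE`; if it is the password file used to decrypt the WireGuard keys (an assumption, since the file name is not visible), the real value would have to be written into a tracked file. Shipping it under an example name and listing the real file in `.gitignore` avoids committing the secret later. It is also worth checking that the generated private keys are stored encrypted rather than in plain text in the repository.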