homeserver-iac/roles/wireguard/templates/client.conf.j2
dogeystamp 0c8d18dcce
wireguard: use vpn for bastion-fleet comms
supposedly fleet will be more secure this way
2024-06-16 21:32:52 -04:00


# WireGuard client configuration template; "item" is the device being rendered.
# The rendered file contains that device's private key in clear text.
# NOTE(review): the task that writes this file is not visible here - confirm it
# sets a restrictive mode (e.g. 0600) and that item.priv_key and wireguard_secret
# come from an encrypted source (e.g. Ansible Vault) rather than plain vars.
[Interface]
# Device's address inside the VPN.
Address = {{ item.addr }}
# Device private key. Secret: whoever holds it can authenticate to the server
# as this peer, so the rendered file must not be world-readable or committed.
PrivateKey = {{ item.priv_key }}
# DNS server for the client: the VPN address of the first host in the
# "bastion" inventory group, so lookups are sent to the bastion over the tunnel.
DNS = {{ hostvars[groups["bastion"][0]].vpn_ip }}
[Peer]
# Server peer: public key recorded for the first "bastion" host, reached at
# the server's public address and port.
PublicKey = {{ wireguard_secret.servers[groups["bastion"][0]].pub }}
Endpoint = {{ wireguard.ip.server_public }}:{{ wireguard.ip.port }}
# Route all IPv4 destinations into the VPN (full tunnel).
# NOTE(review): only IPv4 is listed, so IPv6 traffic is not covered by this
# peer; on a dual-stack client it would leave through the normal interface.
# Confirm that is intended, or whether ::/0 belongs here as well.
# NOTE(review): the commit message describes bastion-fleet comms; confirm a
# full tunnel, rather than only the VPN subnet, is the intended scope.
AllowedIPs = 0.0.0.0/0