dogeystamp/homeserver-iac
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0c8d18dcce
homeserver-iac/roles/wireguard/defaults/main.yml
dogeystamp 0c8d18dcce
wireguard: use vpn for bastion-fleet comms 
supposedly fleet will be more secure this way
2024-06-16 21:32:52 -04:00

23 lines
476 B
YAML
Raw Blame History

---
# these are defaults
# change these in group/host vars
# NOTE: copy the *entire* wireguard config if you wish to override it (all or nothing)
# also see group_vars/all/00-secret-template.yml
wireguard:
dns_servers:
- "{{ dns_forward }}"
interface: "wg0"
ip:
# cidr range in tunnel
cidr: "10.66.77.0/24"
server_public: "www.{{ domain }}"
# UDP port
port: 51820
# place to output client configs
client_folder: "/tmp/wireguard-clients"
Reference in New Issue View Git Blame Copy Permalink