Create new hatchery client config:

- public key creation - private key addition to vault.yml - reference in main task file - creation of template
4 years ago · ee31d08681
parent e3ad4dfcd7
commit ee31d08681
4 changed files with 46 additions and 26 deletions
--- a/ansible/group_vars/all/main.yml
+++ b/ansible/group_vars/all/main.yml
@ -33,7 +33,10 @@ wireguard_clients:
    offset: 12
    privkey: "{{ vault_wireguard_client_privkey_ling8 }}"
    pubkey: YqGQE6yUz6rjBFRWgZyj5mPEaGavxrmO/cclO5o+VBQ=
-
+  - name: hatchery
+    offset: 13
+    privkey: "{{ vault_wireguard_client_privkey_hatchery }}"
+    pubkey: kguQg0CvB7N1fJDO8i0Nj4C1cUKUsawfHyArwiaGxis=

 # mojos
 slack_bot_token: "{{ VAULT_SLACK_BOT_TOKEN }}"
--- a/ansible/group_vars/all/vault.yml
+++ b/ansible/group_vars/all/vault.yml
@ -1,26 +1,30 @@
 $ANSIBLE_VAULT;1.1;AES256
-66613862393232386437383466323332626664663366636433646332633433626636636163313836
-3764646266636630323434633265616230616261393537630a376564363137383533333637636438
-33383133323439666335656637363531303065303566646438313766393735396630336433393363
-3264306538336335650a393163303162393232343864303134636665653935633930373435333434
-39633361656466346462643731643132323738666234633663353137336236376438353838313133
-30313238613537333333326435326435633631323833663963633539336233646531316366653635
-31643665336334303333613562666164353933626632656438613239396665333866616438303831
-30656438326164656137356237343466316438613564643061343534313438386435313037663036
-31306139343435376333333036363138316232363237353537643530663432363662366161396362
-36366165313665653864366531343534626239663333363735666564326565633833646636343063
-39396431626438666261663938376630666633623633343632336265336334626133613036383432
-33303366336637303263383231633165333662623632326130323334396333653935633962616339
-31343933323533373861343766346336656539333465393837313639373939666634323862373031
-30376164306430356139316463316261366632313839326338363131633861343239316564343138
-61663735313564393436616637306431393364666239616563373537653766336431613031303766
-36316535323562323436623132623437643864346434306263623037323234623039316432616538
-33376330653436353331666136386565366438353037663737636630623438623638373863343932
-62373535323332623930343736653163393331646362613439343137643666633961336462636534
-37393462633531303531396539373031336339306537383236396263313738656234663062653936
-31356265663930366162643134333662393933356236656533393363366135313062313335323864
-64643662303539356133326539626237366630346663663438303833306536636461376230323162
-35346464306538636336346530356131356134386264316364666537393535373037393135653837
-31636133386439376238373534663130326337303231623162303431666632313235613763323931
-35383165383139643534656230373764333836343066343765393233303739656266363433313236
-3363
+35333564626239306564363765646535333638616663386666326339356665306334333364346561
+6638306537393964333164316435356235303261393263310a346462393165396634643837353366
+34333361383030346433373632303831373538653363356132666436316162346663316466613362
+6330386135323765640a343161363162653663363166356530653833653132346563316436666633
+36626532343538396130666231323462623333336664613531643765373866396662653035623464
+39383563306538643866333264343634636165613037346139633630353131646561383562316236
+32336636643137356430383961303236316666396564316566313838306439613864343030623161
+38356361313030336461366465306666326434396131323036646338646232346266396631306437
+39633430313230303162653333306264393931303939343466636238323134646237313332336630
+38386466666435383034323634666331383233323631623533306431653937613166316433626130
+65376238363261373563343439613531306539346633616532383434356162373334633462643062
+30323232643061326163623663623338343835303139643936326137346439303664653230663062
+38356639626333643036396361633464303038376330663638616564316631623933653036323334
+34343861366533313262366563303761333038343231303264636136386162653963383134343462
+37303134346632633863343465643766343062633630626661383731346561666237353237343133
+31633536636662653930303865366566313632323461623537396538353631316634303734356261
+66356332323435303837643531393231353234633966383437626639656266626365616539303861
+36623566663334383366636631323838373232316133313463613566323238353265343336376532
+30343465393964346562343366613035623639363337353634346162643232656432633133323739
+63373236363466333934323833653133326664663162313435333434643232613439343530383861
+33613437636130353630656133373435366538613236646664623463343733336361663030383332
+37303335653364303161666130373338613862376663613965356461646530313462376334623164
+37343035333139306363666535653038646539386539663638663164336662623633396563626365
+62643663323731373539363965303363373766343534393766383930303561353838353830313965
+32336461633136376231653166333135353364656232363431633366353430323537333734366437
+39353839323234386636666133663937326231316337666134623138623036373135663061306539
+33323635613835333261363262343364313735363832386632383337623365313561643632373833
+61353938386333663438303934326138393637346633316634383434666538363234396163383331
+38666562613131323963643863636231363536346435353230323463616135656236
--- a/ansible/roles/wg_vpn/tasks/main.yml
+++ b/ansible/roles/wg_vpn/tasks/main.yml
@ -51,3 +51,8 @@
    - clients
    - client_pvl
    
+- name: Create hatchery file in /etc/wireguard/.
+  template: src=wg0-hatchery.conf dest=/etc/wireguard/ owner=root mode=0600
+  tags:
+    - clients
+    - client_hatchery
--- a/ansible/roles/wg_vpn/templates/wg0-hatchery.conf
+++ b/ansible/roles/wg_vpn/templates/wg0-hatchery.conf
@ -0,0 +1,8 @@
+[Interface]
+PrivateKey = {{ wireguard_clients[3]['privkey'] }}
+Address = {{ wireguard_vpn_network | ipsubnet(32, wireguard_clients[3]['offset']) }}
+
+[Peer]
+PublicKey = {{ wireguard_server_pubkey }}
+Endpoint = vpn.awful.club:51820
+AllowedIPs = 0.0.0.0/0