latest changes i dont know

2026-02-18 21:17:43 +01:00 · 2026-02-18 21:17:43 +01:00 · 116e29699f
commit 116e29699f
parent bc3bc799ad
10 changed files with 86 additions and 8 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/host_vars/edge5/vars.yml
+++ b/host_vars/edge5/vars.yml
@ -0,0 +1,14 @@
+ansible_host: localhost
+ansible_connection: local
+ansible_python_interpreter: /usr/bin/python3
+
+ipv4_network: 10.11.0.0/16
+ipv4_dhcp_start: 10.11.0.30
+ipv4_dhcp_stop: 10.11.0.250
+ipv4_address: 10.11.0.1
+ipv6_network: 2a03:2260:121:60b::/64
+ipv6_address: 2a03:2260:121:60b::1/64
+wireguard_address: 10.255.1.11/24
+wireguard_v6_address: fd80:3ea2:e399:203a::11
+wireguard_public: 5B/YTaDPVWVApUyHshJp899iXXlBy8rBqJUpYvKo+1s=
+wiregurad_v4: 10.255.1.1
--- a/host_vars/edge5/vault.yml
+++ b/host_vars/edge5/vault.yml
@ -0,0 +1,12 @@
+$ANSIBLE_VAULT;1.1;AES256
+63373161393033633933653763653661626365376332306438326363333263656366623837333061
+3665663736393837663634653439356465356234613933320a613530656335326538326262376163
+36336139633033326430663362633839653831326362326439303634376666623862663037636533
+3031306666356637370a396164386339653630343366393163623136333166643162393663323931
+65376261356666313034633237323531363733343061396166343333666538313232616265303933
+32303633343666346134666332626635396132313932623535383538326639316465633432343239
+32353563643565393034653933356235663434376131366565636634376332353738363730626162
+31353236303764663236346437613031623634663762653664383534613738353363346563313063
+66363430306533666263356365383365303564303565316462306664356236316430653065613036
+30386238616564326132303262623664313935376332373037343664666138303932316330336238
+363762633930393837363662343133666363
--- a/host_vars/edge6/vars.yml
+++ b/host_vars/edge6/vars.yml
@ -0,0 +1,14 @@
+ansible_host: localhost
+ansible_connection: local
+ansible_python_interpreter: /usr/bin/python3
+
+ipv4_network: 10.12.0.0/16
+ipv4_dhcp_start: 10.12.0.30
+ipv4_dhcp_stop: 10.12.0.250
+ipv4_address: 10.12.0.1
+ipv6_network: 2a03:2260:121:60c::/64
+ipv6_address: 2a03:2260:121:60c::1/64
+wireguard_address: 10.255.1.12/24
+wireguard_v6_address: fd80:3ea2:e399:203a::12
+wireguard_public: 5B/YTaDPVWVApUyHshJp899iXXlBy8rBqJUpYvKo+1s=
+wiregurad_v4: 10.255.1.1
--- a/host_vars/edge6/vault.yml
+++ b/host_vars/edge6/vault.yml
@ -0,0 +1,12 @@
+$ANSIBLE_VAULT;1.1;AES256
+63373161393033633933653763653661626365376332306438326363333263656366623837333061
+3665663736393837663634653439356465356234613933320a613530656335326538326262376163
+36336139633033326430663362633839653831326362326439303634376666623862663037636533
+3031306666356637370a396164386339653630343366393163623136333166643162393663323931
+65376261356666313034633237323531363733343061396166343333666538313232616265303933
+32303633343666346134666332626635396132313932623535383538326639316465633432343239
+32353563643565393034653933356235663434376131366565636634376332353738363730626162
+31353236303764663236346437613031623634663762653664383534613738353363346563313063
+66363430306533666263356365383365303564303565316462306664356236316430653065613036
+30386238616564326132303262623664313935376332373037343664666138303932316330336238
+363762633930393837363662343133666363
--- a/host_vars/vpn01/vars.yml
+++ b/host_vars/vpn01/vars.yml
@ -46,7 +46,7 @@ wireguard_unmanaged_peers:
    allowed_ips: 10.255.1.7/32, 10.7.0.0/16, fd80:3ea2:e399:203a::7/128, 2a03:2260:121:607::/64
  ## Nils
  vpn8-nils:
-    public_key: g+l9gP3SR99Q8TZ3uKs7yu1mANy97EFA21THrC/n1W0=
+    public_key: coMTSYaBzEc1gHOi08biqztysr6ehmvDY/D4/x6AvQM=
    allowed_ips: 10.255.1.8/32, 10.8.0.0/16, fd80:3ea2:e399:203a::8/128, 2a03:2260:121:608::/64
  ## edge3
  vpn9-edge3:
@ -56,7 +56,28 @@ wireguard_unmanaged_peers:
  vpn10-edge4:
    public_key: 2Cq7gW5mSTcOJGzvw4dvdERhAFx3EIga5Ftds9zKlT8=
    allowed_ips: 10.255.1.10/32, 10.10.0.0/16, fd80:3ea2:e399:203a::10/128, 2a03:2260:121:60a::/64
-  ## Stefan_Test
-  vpn10-edge4:
-    public_key: UHaYitx18sO71Ssk2SVUgdjLaAILbCthCmosU+Fs5Es=
+  ## edge5 - Galerie Troisdorf
+  vpn11-edge5:
+    public_key: CxEaN9CosiuFPScPGEDYiy/sij2I3yRY/QpaxsU+RTI=
    allowed_ips: 10.255.1.11/32, 10.11.0.0/16, fd80:3ea2:e399:203a::11/128, 2a03:2260:121:60b::/64
+  ## CCT - Kirche Troisdorf Michael
+  vpn12-edge6:
+    public_key: OgSeG+P1YvIwyD6/AQtA68UXYWTH8XPePLZiLvETfww=
+    allowed_ips: 10.255.1.12/32, 10.12.0.0/16, fd80:3ea2:e399:203a::12/128, 2a03:2260:121:60c::/64
+  ## CloudGateway Donrather Hof
+  vpn13-cgu2:
+    public_key: qXa7Loe+uO4x5fkBp7EsVNLhkgEF3v1xCCM74cJwujo=
+    allowed_ips: 10.255.1.13/32, 10.13.0.0/16, fd80:3ea2:e399:203a::13/128, 2a03:2260:121:60d::/64
+  ## Nils 2
+  vpn14-nils2:
+    public_key: 49jZ+ysNWTm0XQ/9zDRzPc8WpPoEIHOq4tz5wS+HBQE=
+    allowed_ips: 10.255.1.14/32, 10.14.0.0/16, fd80:3ea2:e399:203a::14/128, 2a03:2260:121:60e::/64
+  ## Nils 3
+  vpn15-nils3:
+    public_key: V2Mx7MxX87dfwnkD1H1xjMvmk/9ONpFEVLNeIL3eayo=
+    allowed_ips: 10.255.1.15/32, 10.15.0.0/16, fd80:3ea2:e399:203a::15/128, 2a03:2260:121:60f::/64
+  ## Brüsseler Str.
+  vpn16-bruesseler:
+    public_key: ldhDOhrZtj37rrg+gyvtcbhf3T/fw8oSFhR5XZKdAh8=
+    allowed_ips: 10.255.1.16/32, 10.16.0.0/16, fd80:3ea2:e399:203a::16/128, 2a03:2260:121:61a::/64
+
--- a/hosts.yml
+++ b/hosts.yml
@ -32,4 +32,5 @@ all:
        edge2:
        edge3:
        edge4:
-            
+        edge5:
+        edge6:
--- a/roles/01-vpn-router-config/templates/edgerouter.conf.j2
+++ b/roles/01-vpn-router-config/templates/edgerouter.conf.j2
@ -4,6 +4,9 @@ Ein LAN mit Adresse: {{ ipv4_address }}

 Dann auf der Konsole weiter

+
+add system image https://dl.ui.com/firmwares/edgemax/v2.0.9-hotfix.6/ER-e50.v2.0.9-hotfix.6.5574651.tar
+
 ## Install Wireguard
 cd /tmp
 curl -OL https://github.com/WireGuard/wireguard-vyatta-ubnt/releases/download/1.0.20211208-1/e50-v2-v1.0.20211208-v1.0.20210914.deb
@ -73,7 +76,7 @@ set interfaces switch switch0 switch-port interface eth3
 set interfaces switch switch0 switch-port interface eth4
 set interfaces switch switch0 switch-port vlan-aware disable
 set interfaces wireguard wg0 address {{ wireguard_address }}
-set interfaces wireguard wg0 address {{ wireguard_v6_address }}
+set interfaces wireguard wg0 address {{ wireguard_v6_address }}/128
 set interfaces wireguard wg0 listen-port 51822
 set interfaces wireguard wg0 mtu 1380
 set interfaces wireguard wg0 peer {{ wireguard_public }} allowed-ips 0.0.0.0/0
--- a/system-setup-services.yml
+++ b/system-setup-services.yml
@ -1,8 +1,9 @@
-# ansible-playbook -i hosts.yml system-setup-unifi.yml
+# ansible-playbook -i hosts.yml system-setup-services.yml
 - name: System preperation
  hosts: service_server
  roles:
    - 00-ubuntu-basic
+    - 21-install-oitc

 - name: Docker Setup
  hosts: unifi
--- a/update_wg.yml
+++ b/update_wg.yml
@ -1,6 +1,6 @@
 # ansible-playbook -i hosts.yml update_wg.yml -e vault.yml --ask-vault-password
 - name: System preperation
-  hosts: vpn-offloader-wireguard
+  hosts: supernodes
  roles:
     - 21-install-wireguard