78 lines
1.4 KiB
Markdown
78 lines
1.4 KiB
Markdown
Tinc
|
|
============
|
|
|
|
Setup and configuration of a tinc VPN network.
|
|
|
|
|
|
Requirements
|
|
------------
|
|
|
|
none
|
|
|
|
|
|
Role Variables
|
|
--------------
|
|
|
|
Central configuration:
|
|
* `tinc_vpn_id`: name of the vpn to be created (default: `vpn0`)
|
|
* `tinc_central_host`: hostname of the always-on server (default: `hetzner-01`)
|
|
* `tinc_vpn_net`: local vpn network (IPv4, CIDR notation)
|
|
* `tinc_remote_nets`: list of remote networks, that should be forwarded to localhost (TODO: currently only one entry supported)
|
|
* `net_cidr`: IPv4 network range (CIDR notation)
|
|
* `gateway`: VPN network IP address of the gateway
|
|
|
|
Configuration for each host:
|
|
* `tinc_client_ip`: own IP address in the tinc-local network
|
|
* `tinc_public_addr`: public domain or IP address of the central server
|
|
|
|
|
|
Dependencies
|
|
------------
|
|
|
|
none
|
|
|
|
|
|
Example Playbook
|
|
----------------
|
|
|
|
Hostfile:
|
|
```
|
|
tinc:
|
|
vars:
|
|
tinc_vpn_net: 172.16.1.0/24
|
|
tinc_remote_nets:
|
|
- net_cidr: 192.168.1.0/24
|
|
gateway: 172.16.1.2
|
|
hosts:
|
|
central_server:
|
|
tinc_public_addr: central_server.example.com
|
|
tinc_client_ip: 172.16.1.1
|
|
remote_gateway:
|
|
tinc_client_ip: 172.16.1.2
|
|
localhost:
|
|
tinc_client_ip: 172.16.1.3
|
|
```
|
|
|
|
Playbook:
|
|
```
|
|
- name: Install tinc
|
|
hosts: tinc
|
|
roles:
|
|
- tinc
|
|
|
|
- name: Distribute hostfiles
|
|
hosts: tinc
|
|
tasks:
|
|
- name: Tinc - Distribute hostfiles
|
|
ansible.builtin.import_role:
|
|
name: tinc
|
|
tasks_from: distribute
|
|
```
|
|
|
|
|
|
License
|
|
-------
|
|
|
|
GPLv3
|
|
|