diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-11-06 16:28:05 +0100 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-11-06 16:28:05 +0100 |
commit | ce58be29befe0697cbae824c12f09064670c4560 (patch) | |
tree | a3ec579c7de7580f710160e0e21821f4ac879afe /manifests/wireguard_peer.pp | |
parent | Add initial wireguard profiles. (diff) | |
download | profiles-ce58be29befe0697cbae824c12f09064670c4560.tar.gz profiles-ce58be29befe0697cbae824c12f09064670c4560.tar.xz |
Move more wireguard config to hiera.
Diffstat (limited to 'manifests/wireguard_peer.pp')
-rw-r--r-- | manifests/wireguard_peer.pp | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/manifests/wireguard_peer.pp b/manifests/wireguard_peer.pp index 0f02e39..6eaeef1 100644 --- a/manifests/wireguard_peer.pp +++ b/manifests/wireguard_peer.pp @@ -32,19 +32,7 @@ class profiles::wireguard_peer ( 'ListenPort' => $profiles::wireguard::port, 'PrivateKey' => $private_key, }, - 'WireGuardPeer' => { - 'PublicKey' => $peer_key, - # IP addresses which the kernel will accept sending over this - # interface. Set it to 0.0.0.0/0 to allow anything to traverse - # the tunnel - 'AllowedIPs' => [ - '10.0.0.0/23', # adrift.space localnet - '10.0.10.2/32', # Wireguard return - ], - # TODO is IP addresses allowed here? - # Where the peer we want to connect to resides - 'Endpoint' => "gandalf.adrift.space:${profiles::wireguard::port}", - } + 'WireGuardPeer' => $peers, } } |