support for multiple hypervisors

2023-05-03 23:35:57 +02:00 · 2023-05-03 23:35:57 +02:00 · b9ad2e866a
commit b9ad2e866a
parent 8e72446652
9 changed files with 70 additions and 15 deletions
--- a/ansible/inventory/host_vars/jefke/apt.yml
+++ b/ansible/inventory/host_vars/jefke/apt.yml
@ -0,0 +1,5 @@
+apt_install_packages:
+  - qemu-kvm
+  - libvirt-daemon-system
+  - sudo
+  - bridge-utils
--- a/ansible/inventory/host_vars/jefke/ssh_certificates.yml
+++ b/ansible/inventory/host_vars/jefke/ssh_certificates.yml
@ -0,0 +1,12 @@
+deploy_ssh_certificates:
+  - name: ssh_user_ed25519_key
+    type: user
+    key_type: ed25519
+    signing_key: hyp_user
+    host: jefke.hyp
+    principals: hypervisor
+  - name: ssh_host_ed25519_key
+    type: host
+    key_type: ed25519
+    signing_key: hyp_host
+    host: jefke.hyp
--- a/ansible/inventory/host_vars/jefke/wireguard.yml
+++ b/ansible/inventory/host_vars/jefke/wireguard.yml
@ -0,0 +1,18 @@
+wireguard_addresses:
+  - "10.42.1.1/32"
+wireguard_endpoint: "jefke.hyp"
+wireguard_private_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  36376161636365313033613362336239656164643430306437393866353036303938616136613933
+  6333613866643139653130393532613838353031613562350a663664633033353364303035353131
+  66363439353537323636313466303236393530653938393838373837366436316665343831623934
+  3234363066366235300a346636613930346466643566666265613733343266613030613765313161
+  63343133646566623264393533613733363735666432396366623737306232303761366465306164
+  3937653537316461376263613338373439313531383961623333
+wireguard_unmanaged_peers:
+  pim:
+    public_key: "xQ1hkwpIf5x7Wkx1leQHXx3RK8fjGWt2ZmG9XUN3V08="
+    allowed_ips: "10.42.1.2/32"
+  niels:
+    public_key: "WJO/DQUJyDp4rFW291F2Ai51lotU2IC+OATu+5P3Jio="
+    allowed_ips: "10.42.1.3/32"