From 922fac2f309b7a36b69cbbe204b2fcfc55d0fdb3 Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Tue, 19 Mar 2024 22:36:20 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=90=20truenas=20wireguard=20private=20?= =?UTF-8?q?key?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ansible/inventory/host_vars/truenas-remote.sops.yaml | 7 ++++--- ansible/inventory/host_vars/truenas.sops.yaml | 4 ++-- .../templates/wireguard/truenas-remote.xpander.ovh.conf | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/ansible/inventory/host_vars/truenas-remote.sops.yaml b/ansible/inventory/host_vars/truenas-remote.sops.yaml index 82d53c342..ffef52ad3 100644 --- a/ansible/inventory/host_vars/truenas-remote.sops.yaml +++ b/ansible/inventory/host_vars/truenas-remote.sops.yaml @@ -3,6 +3,7 @@ root_api_key: ENC[AES256_GCM,data:e+g6jvxD9kBSYVbzGXR0QZZMAnxndPu04Dhs3UjNsjHyq+ ansible_host: ENC[AES256_GCM,data:ldsDTnydWPMnAnOiSlVrkiiL6w==,iv:luNgXdV3uBRaGzBIlw4E5UrZqKBaakgwc+9YC9xXInM=,tag:MldHmJpsOqe7oJMA83Xm9g==,type:str] ansible_password: ENC[AES256_GCM,data:6F+H0sO8BP7QSZxE6hE=,iv:GOMmcmYZVbT+UbjmHZf4f8jJaBEKV7JWDVpoMQ0QPsI=,tag:YZHl5Sy0wMLibgN7wJ7SNw==,type:str] ansible_become_pass: ENC[AES256_GCM,data:KFih2YRvhMLDao5fQ+Q=,iv:cv54gnuCtg6Nt/XbUJ2osNnvPTGhnpKLc5btMY/cSW8=,tag:uxgxAj6WLqms+S2N677kyg==,type:str] +wireguard_private_key: ENC[AES256_GCM,data:qJL0V5muCpXRXnXIS4YNymB2HcvgAPs64R3YHXb3x9MHqjImGwSb4jfD8fs=,iv:UPer7aN1M7T+GBLZ6iP6xhfds6zZscgQgSV9ROdLrXg=,tag:kzEuJduCpzcDpwUFfbn+0w==,type:str] sops: kms: [] gcp_kms: [] @@ -18,8 +19,8 @@ sops: ZFlyQ1lGbnVPaSs4cytQYzNwRnJabmcKP0ogZqsaoD6heCqmObwttBgE039aLqe2 R55NPkQJJyFSbDbdDmPApE4IwtXay54QGw2RR4AxOZW4G2dWhdzP3w== -----END AGE ENCRYPTED FILE----- - lastmodified: "2022-07-21T19:48:24Z" - mac: ENC[AES256_GCM,data:nEaUZqbbRmmU69uLvsJODfzG/LmehP+B9PV1aVxLJD66VJrZR/eO70NohrAGC49PPJgt/I92NJmFLYZ6vtyz/IMTPSEckv/mxHR0U7AQ8+CSnwa8Alzd85OAa9fq4XZ17BBnuT+wBHdPq1H99zLw08MXShCxzx/1ygtb58DDj+k=,iv:5VtAIHJIxONYimmiakxZL12M6+Rig9urEVVAQcEBcbk=,tag:ojoIcXajAXYeTB3vOTIYBw==,type:str] + lastmodified: "2024-03-19T21:55:55Z" + mac: ENC[AES256_GCM,data:IIkga8Ccokgv3EmAAWyEGVhlAwqUcYHEg2T31BtMZTnvZV0+af/OWRafcCWCmoUmToG8r3eqYh1BkFuTAUY7gaBk7H+Wnl5pPnNANdf7LQfc/sCIHpBT/gjZb8Ewtbvzd4C/PAdwaVeJ2SP6IfYQ4MB7unav71Z3d5ynaeBFgrM=,iv:R7rvNBhl6L12Dw+HYygMx1QY5Aob60zi64/YyDYy+hQ=,tag:ENhDNeLAh3OdyCQSC7knUg==,type:str] pgp: [] unencrypted_regex: ^(kind)$ - version: 3.7.3 + version: 3.8.1 diff --git a/ansible/inventory/host_vars/truenas.sops.yaml b/ansible/inventory/host_vars/truenas.sops.yaml index be58ba5fe..26a8aa8e6 100644 --- a/ansible/inventory/host_vars/truenas.sops.yaml +++ b/ansible/inventory/host_vars/truenas.sops.yaml @@ -20,8 +20,8 @@ sops: aG5zWW1XclBOS2cxMkwzZ3c1R1psNGsKzeSHHV7AYXCUNiiXJlBRFVWMZtfK3naj VRtF22+DYfjumQuwam2ZzhdLQ//1ciHnkJc58dKeTbYUHzC+fWpaZQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-01-14T10:19:17Z" - mac: ENC[AES256_GCM,data:51zO9hPDmKOQN3ui9+/4tHVg+xYIoNw0y/BQ/f0QSW968ZhotHftQqLS7i9h14871zWPI8/J7m7hWb4X8LIS4Hn8Bf6PsBt6efm0QSsNvvaiUUwisn/WgbQXp7fF6NyN3f1beHJAm5a/qmVbuCYwySwDlZfAbrHnyY3ogq3dKjs=,iv:V2F4Dc7VxodM6d6ioD8tROjwPcU671a8IZzm8GWpihc=,tag:5JU0/QzcGjn2xJLbSB/tJA==,type:str] + lastmodified: "2024-03-19T21:55:42Z" + mac: ENC[AES256_GCM,data:oEValcnIzQbxmFntXn6TEBk5FVPA2OSXR+Xr7THu43MG4C4nLeI2EIjanV+7+c0Dq2twsB5JarmcU2Y0l/s+9V2ZFlSA7LaPwrYZNSCySAqfy9XCJhuJAt4QGDa7CFdF1UQNbKtDv4YQ9UVpvg9BXCyc6siTIx7R+OU+Zh1P+l0=,iv:NSos5J0OLbm8a/4QHEgpSF3OWIRm9YBYfDil5rYFARM=,tag:J7aGAAD9q1u/LHGqeQiW+A==,type:str] pgp: [] unencrypted_regex: ^(kind)$ version: 3.8.1 diff --git a/ansible/roles/truenas/templates/wireguard/truenas-remote.xpander.ovh.conf b/ansible/roles/truenas/templates/wireguard/truenas-remote.xpander.ovh.conf index 04b7c012b..39e5c0229 100644 --- a/ansible/roles/truenas/templates/wireguard/truenas-remote.xpander.ovh.conf +++ b/ansible/roles/truenas/templates/wireguard/truenas-remote.xpander.ovh.conf @@ -1,7 +1,7 @@ [Interface] Address = 10.10.0.2/32 ListenPort = 51820 -PrivateKey = 8Gw/9MJpo8AwSmEY8W/zgPu6z0Lvn7E2LvRRDpkMhFo= +PrivateKey = {{ wireguard_private_key }} DNS = 10.10.0.1 [Peer]