playbook_provision_backbone: configure backbone for sax-rgs-gw-core01

2023-01-10 01:31:36 +01:00 · 2023-01-10 01:31:36 +01:00 · a837a2b916
parent e3793d07a8
commit a837a2b916
3 changed files with 19 additions and 0 deletions
--- a/files/ospfd.conf
+++ b/files/ospfd.conf
@ -31,4 +31,7 @@ area 0.0.0.0 {
 	interface wg2 {
 		type p2p
 	}
+	interface wg3 {
+		type p2p
+	}
 }
--- a/files/pf.wg3.conf
+++ b/files/pf.wg3.conf
@ -0,0 +1,11 @@
+# allow incoming udp packets for wg3
+pass in proto udp from any to self port 51823
+
+# allow ospf on wg3
+pass on wg3 proto ospf
+
+# allow prometheus on wg3
+pass on wg3 proto tcp from any to self port 9100
+
+# allow outgoing snmp on wg3
+pass out on wg3 proto udp from self to any port snmp
--- a/templates/hostname.wg3
+++ b/templates/hostname.wg3
@ -0,0 +1,5 @@
+inet 10.86.254.0/31
+mtu 1350
+wgport 51823
+wgkey {{ lookup('passwordstore', 'wg/wg3/eae-adp-jump01') }}
+wgpeer {{ lookup('passwordstore', 'wg/wg3/sax-rgs-gw-core01.pub') }} wgpsk {{ lookup('passwordstore', 'wg/wg3/psk') }} wgaip 0.0.0.0/0