mirror of https://gerrit.hackerspace.pl/hscloud
61 lines
1.9 KiB
Plaintext
61 lines
1.9 KiB
Plaintext
local kube = import "../../../kube/kube.libsonnet";
|
|
local vpn = import "vpn.libsonnet";
|
|
|
|
{
|
|
local top = self,
|
|
tls: vpn.PKI("implr-vpn"),
|
|
|
|
servers: {
|
|
praisethesun: vpn.Server("openvpn-implr-praisethesun", 11223, top.tls) {
|
|
cfg+: {
|
|
namespace: "implr-vpn",
|
|
configFile: |||
|
|
dev tun
|
|
tmp-dir /dev/shm/
|
|
proto udp
|
|
port 11223
|
|
topology subnet
|
|
server 172.17.1.0 255.255.255.0
|
|
keepalive 10 60
|
|
persist-tun
|
|
persist-key
|
|
cipher AES-256-CBC
|
|
dh none
|
|
ca /mnt/pki/ca.crt
|
|
cert /mnt/pki/tls.crt
|
|
key /mnt/pki/tls.key
|
|
|||
|
|
}
|
|
},
|
|
curssys: vpn.Server("openvpn-implr-curssys", 11224, top.tls) {
|
|
cfg+: {
|
|
namespace: "implr-vpn",
|
|
configFile: |||
|
|
dev tun
|
|
tmp-dir /dev/shm/
|
|
proto udp
|
|
port 11224
|
|
topology subnet
|
|
server 172.20.1.0 255.255.255.0
|
|
keepalive 10 60
|
|
persist-tun
|
|
persist-key
|
|
cipher AES-256-CBC
|
|
dh none
|
|
ca /mnt/pki/ca.crt
|
|
cert /mnt/pki/tls.crt
|
|
key /mnt/pki/tls.key
|
|
|||
|
|
}
|
|
},
|
|
},
|
|
clients: {
|
|
kektop: vpn.Client("kektop", top.servers.praisethesun),
|
|
admin1: vpn.Client("admin1", top.servers.praisethesun),
|
|
desk1: vpn.Client("desk1", top.servers.praisethesun),
|
|
desk2: vpn.Client("desk2", top.servers.curssys),
|
|
thonk: vpn.Client("thonk", top.servers.curssys),
|
|
anthracite: vpn.Client("anthracite", top.servers.curssys),
|
|
}
|
|
}
|