matthiaslohr.tincvpn

Panoramica Versioni Approfondimenti

Ansible Role for tinc VPN

This is an Ansible role to set up one or more tinc VPN networks (https://www.tinc-vpn.org/).

How to Use

  1. Add the role to your requirements.yml file:

    - src: https://github.com/MatthiasLohr/ansible-role-tincvpn
  name: matthiaslohr.tincvpn

    You can also specify the version you want to install using the version parameter. Check the Ansible Galaxy Documentation for more details.

  2. Set the tincvpn_default_ip for your hosts in the inventory file:

    [all]
node1 tincvpn_default_ip=192.168.255.1
node2 tincvpn_default_ip=192.168.255.2
node3 tincvpn_default_ip=192.168.255.3

  3. Here's a simple example of a playbook:

    - hosts: all
  roles:
    - matthiaslohr.tincvpn

  4. For examples of how to configure multiple tinc networks at once, check the documentation.

Host Variables

Variable Name Default Value Description
tincvpn_{{ tincvpn_network }}_ip none The tinc IP address of this node (should be part of tincvpn_subnet)

Role Variables

Variable Name Default Value Description
tincvpn_network "default" The name of the tinc network (like the tinc configuration folder name).
tincvpn_interface "tincvpn-{{ tincvpn_network }}" The name of the network interface used by tinc.
tincvpn_subnet "192.168.255.0/24" The subnet used by tinc.
tincvpn_mode "switch" The mode setting for tinc.
tincvpn_port 655 The listening port for tinc.
tincvpn_extra_hosts [] Additional tinc hosts that are not managed by the playbook (see Additional Hosts).
tincvpn_key_bits 2048 The length of the RSA private key.
tincvpn_connect_to [] Nodes to connect to by default. You can specify one nodename as a string or multiple as a list.
tincvpn_routes [] Routes to add using the tinc VPN network interface.
tincvpn_local_directory "{{ inventory_dir }}/tincvpn-hosts/{{ tincvpn_network }}" Directory to save host public keys locally.
tincvpn_custom_config {} Custom tinc VPN configuration parameters. Example: PingInterval: "60"
tincvpn_custom_up_scripts [] Custom commands for the tinc-up script template.
tincvpn_custom_down_scripts [] Custom commands for the tinc-down script template.

Configuration Options

Additional Hosts

If you want to connect to a node not included in the Ansible inventory (like a central router), you can configure additional hosts in the playbook variables:

tincvpn_extra_hosts:
  - name: externalnode1
    address: externalnode1.example.com
    public_key: |
      -----BEGIN RSA PUBLIC KEY-----
      ...
      -----END RSA PUBLIC KEY-----

  - name: externalnode2
    address: externalnode2.example.com
    public_key: |
      -----BEGIN RSA PUBLIC KEY-----
      ...
      -----END RSA PUBLIC KEY-----

Custom Routes

You can also define custom routes:

tincvpn_routes:
  - network: "192.168.254.0/24"
    gateway: "192.168.255.1"
Informazioni sul progetto

Ansible role for setting up one or many tinc VPN networks (https://www.tinc-vpn.org/).

role vpn tinc
Installa
ansible-galaxy install matthiaslohr.tincvpn
GitHub repository
16 stelle
11 fork
0 problemi aperti
Licenza
mit
Download
121
Proprietario
Matthias Lohr
Enterprise Software Architect