viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

revive wireguard to use as infra backbone [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2025-04-14 16:39:44 +00:00
parent ce81b69ab6
commit df5403bab5
4 changed files with 10 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

18
modules/kubernetes/wireguard/extra/clients.conf
View file

@ -1,20 +1,4 @@
#[Peer]
# friendly_name = ellieIphone
#PublicKey = vqM6xQm6pcKu4LTPconOPE4jgqyq4Z3JRcSj6PYYyh8=
#AllowedIPs = 10.3.3.12/32
#[Peer]
# friendly_name = Elena
#PublicKey = D1b0LRZZixhv9nL7racEVuRRYWcscNGbT8y5gFxY8F0=
#AllowedIPs = 10.3.3.12/32
[Peer]
# friendly_name = anca
PublicKey = fr4DB6FHhxYyzrtnoNbhdT8Fqwvsz7QkhTnZpSQmBCY=
AllowedIPs = 10.3.3.13/32
[Peer]
# friendly_name = atanunq
PublicKey = WsvC6GO634AOcoA1jqtxF3pz5cmxmkz7RGkX140PBTI=
AllowedIPs = 10.3.3.15/32
AllowedIPs = 10.3.3.13/32

9
modules/kubernetes/wireguard/main.tf
View file

@ -85,6 +85,15 @@ resource "kubernetes_deployment" "wireguard" {
}
}
spec {
init_container {
name = "sysctl-setup"
image = "busybox"
command = ["/bin/sh", "-c", "echo 1 > /proc/sys/net/ipv4/ip_forward"]
security_context {
privileged = true
}
}
container {
image = "sclevine/wg:latest"
name = "wireguard"