Ansible tinc role

Based on https://github.com/thisismitch/ansible-tinc

Creates the directory structure for a tinc install:

/etc/tinc/{{netname}}/
/etc/tinc/{{netname}}/tinc-up
/etc/tinc/{{netname}}/tinc-down
/etc/tinc/{{netname}}/tinc.conf
/etc/tinc/{{netname}}/hosts/
/etc/tinc/{{netname}}/hosts/{{ inventory_name }}
/etc/tinc/{{netname}}/rsa_key.priv

The last one is an RSA 4096 private key; it may take a while to generate on low-entropy servers.

It will also sync the playbook_dir/fetch/ directory into /etc/tinc/{{netname}}/hosts/.

Expected group vars

  • netname: Name of the TINC network
  • net_addr: Address of the network
  • net_cidr: CIDR of the network (24 for me)
  • default_connect: Default node name to connect to (empty for a new network)

Sample group_vars/all file:

---

netname: mynetwork
net_addr: 10.11.12.0
net_cidr: 24
default_connect: mymachine

Expected host vars

  • vpn_ip: Desired VPN internal IP of this host

Sample inventory file:

[vpn_hosts]
mymachine ansible_host=1.1.1.1 vpn_ip=10.11.12.23
mymachine2 ansible_host=1.1.2.2 vpn_ip=10.11.12.24
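
A pre-flight check for the variables described above, as an added example that is not part of this role: it parses an INI inventory and reports any vpn_ip that is missing, malformed, outside net_addr/net_cidr, or assigned to more than one host. The function name check_vpn_hosts and the sample inventory are assumptions made for illustration.

```python
# Added example (not part of the role): validate vpn_ip assignments before a run.
import ipaddress
from collections import defaultdict

# Constructed sample inventory; host names and addresses are illustrative only.
SAMPLE_INVENTORY = """\
[vpn_hosts]
node-a ansible_host=192.0.2.10 vpn_ip=10.11.12.23
node-b ansible_host=192.0.2.11 vpn_ip=10.11.12.23
node-c ansible_host=192.0.2.12 vpn_ip=10.11.13.5
node-d ansible_host=192.0.2.13 vpn_ip=10.11.12.255
node-e ansible_host=192.0.2.14
"""


def check_vpn_hosts(inventory_text, net_addr, net_cidr, group="vpn_hosts"):
    """Return a list of problems found in the vpn_ip assignments of `group`."""
    # strict=True rejects a net_addr that has host bits set (e.g. 10.11.12.1/24).
    network = ipaddress.ip_network(f"{net_addr}/{net_cidr}", strict=True)
    problems, seen, in_group = [], defaultdict(list), False
    for raw in inventory_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            in_group = line == f"[{group}]"
        if not line or line.startswith("[") or not in_group:
            continue
        host, *pairs = line.split()
        hostvars = dict(p.split("=", 1) for p in pairs if "=" in p)
        if "vpn_ip" not in hostvars:
            problems.append(f"{host}: vpn_ip is not set")
            continue
        try:
            ip = ipaddress.ip_address(hostvars["vpn_ip"])
        except ValueError:
            problems.append(f"{host}: vpn_ip {hostvars['vpn_ip']!r} is not an IP address")
            continue
        if ip not in network:
            problems.append(f"{host}: {ip} is outside {network}")
        elif ip in (network.network_address, network.broadcast_address):
            problems.append(f"{host}: {ip} is the network or broadcast address")
        seen[ip].append(host)
    for ip, hosts in seen.items():
        if len(hosts) > 1:
            problems.append(f"{ip} is assigned to more than one host: {', '.join(hosts)}")
    return problems


if __name__ == "__main__":
    print("\n".join(check_vpn_hosts(SAMPLE_INVENTORY, "10.11.12.0", 24)))
```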