Dateien erstellt

Ansible/playbook.yaml

@@ -0,0 +1,38 @@
+---
+- name: Install Container-runtime Podman - misc
+  remote_user: eichehome
+
+  tasks:
+  - name: Install Podman
+    ansible.builtin.package:
+      name: podman
+      state: present
+
+  - name: Install Git
+    ansible.builtin.package:
+      name: git
+      state: present
+
+  - name: Create Directory
+    ansible.builtin.file:
+      path: '/git/Network-Setup'
+      state: directory
+
+  - name: Checkout Git
+    ansible.builtin.git:
+      repo: 'https://git.sp-codes.de/eichehome/Network-Setup'
+      dest: /git/Network-Setup
+
+  - name: Setup wg0
+    ansible.builtin.file:
+      src: '/git/Network-Setup/Systemd/{{ item.src }}'
+      dest: '/etc/systemd/network/{{ item.dest }}'
+    loop:
+      - { src: wg0.netdev, dest: wg0.netdev }
+      - { src: wg0.network, dest: wg0.network }
+  
+  - name: Link resolve.conf
+    ansible.builtin.file:
+      src: '/run/systemd/resolve/stub-resolv.conf'
+      dest: '/etc/resolve.conf'
+      state: link

Systemd/25-ethernet-default.network

@@ -0,0 +1,20 @@
+[Match]
+Name=en*
+Name=eth*
+
+[Network]
+Description=Default config for ethernet
+
+[Network]
+#DHCP=ipv4
+DHCP=yes
+MulticastDNS=yes
+#DNSSEC=no
+DNSSEC=allow-downgrade
+IPv6AcceptRA=yes
+
+[IPv6AcceptRA]
+UseDNS=yes
+
+[Network]
+RouteMetric=100

Systemd/25-wlan-default.nework

@@ -0,0 +1,19 @@
+[Match]
+Name=wl*
+
+[Network]
+Description=Default config for wlan
+
+[Network]
+#DHCP=ipv4
+DHCP=yes
+MulticastDNS=yes
+#DNSSEC=no
+DNSSEC=allow-downgrade
+IPv6AcceptRA=yes
+
+[IPv6AcceptRA]
+UseDNS=yes
+
+[Network]
+RouteMetric=200

Systemd/25-wwan-default.network

@@ -0,0 +1,19 @@
+[Match]
+Name=ww*
+
+[Network]
+Description=Default config for interfaces
+
+[Network]
+#DHCP=ipv4
+DHCP=yes
+MulticastDNS=yes
+#DNSSEC=no
+DNSSEC=allow-downgrade
+IPv6AcceptRA=yes
+
+[IPv6AcceptRA]
+UseDNS=yes
+
+[Network]
+RouteMetric=300

Systemd/DHCPv4.network

@@ -0,0 +1,14 @@
+[Match]
+
+[Link]
+#Multicast=yes
+[Network]
+Description=An example Description
+DHCP=yes
+#DHCP=ipv6
+#DHCPServer=yes #DHCPv4
+#IPv6LinkLocalAddressGenerationMode=stable-privacy
+MulticastDNS=yes
+IPv6PrivacyExtensions=yes
+IgnoreCarrierLoss=5s
+IPv6AcceptRA=yes

Systemd/resolv.conf

@@ -0,0 +1,8 @@
+[Resolve]
+#DNSSEC=yes
+DNSSEC=allow-downgrade
+DNS=9.9.9.9#dns.quad9.net
+DNSOverTLS=yes
+Domains=~.
+Cache=no-negative
+#ReadEtcHosts=yes

Systemd/wg0-client.netdev

@@ -0,0 +1,14 @@
+Name=wg0
+Kind=wireguard
+Description=WireGuard-Client 10.0.0.2
+
+[WireGuard]
+PrivateKey=
+
+# Server
+[WireGuardPeer]
+PublicKey=
+#AllowedIPs=10.0.0.0/0,::/0
+PresharedKey=
+Endpoint=vpn.eichehome.dedyn.io:51820
+PersistentKeepalive=25

Systemd/wg0-client.network

@@ -0,0 +1,11 @@
+[Match]
+Name=wg0
+
+[Network]
+Address=10.0.0.2/24
+
+[Route]
+Gateway=10.0.0.1
+Destination=10.0.0.0/8
+GatewayOnLink=yes
+#Scope=link

Systemd/wg0-server.netdev

@@ -0,0 +1,13 @@
+Name=wg0
+Kind=wireguard
+Description=WireGuard-Server 10.0.0.0/8
+
+[WireGuard]
+PrivateKey=
+ListenPort=51820
+
+# Client 1
+[WireGuardPeer]
+PublicKey=
+#AllowedIPs=10.0.0.2/24
+PresharedKey=

Systemd/wg0-server.network

@@ -0,0 +1,10 @@
+[Match]
+Name=wg0
+
+[Network]
+Address=10.0.0.1/24
+
+[Route]
+Gateway=10.0.0.1
+Destination=10.0.0.0/24
+#Scope=link