]> birchwood-abbey.net Git - Institute/commit
projects / Institute / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 69f5290) | patch
Remove OpenVPN. Add pubkeys to the institute "client" command args.
authorMatt Birkholz <matt@birchwood-abbey.net>
Sat, 14 Jun 2025 23:34:14 +0000 (17:34 -0600)
committerMatt Birkholz <matt@birchwood-abbey.net>
Sat, 14 Jun 2025 23:34:14 +0000 (17:34 -0600)
commit5c742e609f70d195e657c10cf23b915976adb333
tree8d41d4724f8c9ebabf7003afbf15958b9f0d6c6ctree | snapshot
parent69f5290158b656789c2e877136cec1a85bf4c493commit | diff
Remove OpenVPN.  Add pubkeys to the institute "client" command args.

Replaced "revoked" with "clients" in private/members.yml.

Use a PostUp command to install peer private keys from the local
/etc/wireguard/private-key file, thus keeping it out of the WireGuard™
and Ansible configurations.  Moved e.g Secret/gate-wg0.conf to
private/.  Provide the example private keys in a table (as they appear
nowhere else!).  Treat gate-wg0.conf and front-wg0.conf like
members.yml: do not tangle them and thus wipe out a test state(?).
32 files changed:
.gitignore diff | blob | history
README.org diff | blob | history
Secret/CA/pki/certs_by_serial/5BC4C03F376A8688415E10F3BCAD905E.pem [deleted file] blob | history
Secret/CA/pki/certs_by_serial/B0C65C6B0A978A7897BA90C7E68C7FF0.pem [deleted file] blob | history
Secret/CA/pki/index.txt diff | blob | history
Secret/CA/pki/index.txt.old diff | blob | history
Secret/CA/pki/issued/core.crt [deleted file] blob | history
Secret/CA/pki/issued/gate.small.private.crt [deleted file] blob | history
Secret/CA/pki/private/core.key [deleted file] blob | history
Secret/CA/pki/private/gate.small.private.key [deleted file] blob | history
Secret/CA/pki/reqs/core.req [deleted file] blob | history
Secret/CA/pki/reqs/gate.small.private.req [deleted file] blob | history
Secret/core-wg0.conf [deleted file] blob | history
Secret/front-dh2048.pem [deleted file] blob | history
Secret/front-shared.key [deleted file] blob | history
Secret/front-wg0.conf [deleted file] blob | history
Secret/gate-dh2048.pem [deleted file] blob | history
Secret/gate-shared.key [deleted file] blob | history
Secret/gate-wg0.conf [deleted file] blob | history
inst diff | blob | history
playbooks/check-inst-vars.yml diff | blob | history
private/core-dhcpd.conf diff | blob | history
private/core-wg0.conf [new file with mode: 0644] blob
private/db.domain diff | blob | history
private/members-empty.yml diff | blob | history
private/vars.yml diff | blob | history
roles_t/core/handlers/main.yml diff | blob | history
roles_t/core/tasks/main.yml diff | blob | history
roles_t/front/handlers/main.yml diff | blob | history
roles_t/front/tasks/main.yml diff | blob | history
roles_t/gate/handlers/main.yml diff | blob | history
roles_t/gate/tasks/main.yml diff | blob | history
Small Institute Networking