services/homelab
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

switch to duconet-wg service mesh

Browse Source
This commit is contained in:
Reese Wells
2024-06-24 09:30:38 -04:00
parent 44e484f22e
commit b7f93fe41d
22 changed files with 476 additions and 141 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@@ -8,12 +8,13 @@ A project to store homelab stuff.
- [Table of Contents](#table-of-contents)
- [Platforms](#platforms)
- [Reverse Proxy](#reverse-proxy)
- [Storage](#storage)
- [Service Mesh](#service-mesh)
- [Data Storage](#data-storage)
- [Components](#components)
- [CoreDNS](#coredns)
- [Metal LB](#metal-lb)
- [Nginx Ingress](#nginx-ingress)
- [Storage](#storage-1)
- [Storage](#storage)
- [Apps](#apps)
- [Dashboard](#dashboard)
- [Nextcloud](#nextcloud)
@@ -64,9 +65,15 @@ be installed on bare metal machine(s) via ansible to ensure max performance and
Each machine that acts as a reverse proxy will add its public ipv4 and ipv6 address(es) to
the public domains used for external and internal access (*.reeseapps.com).
### Storage
### Service Mesh
All servers will use ISCSI
All devices will be connected via wireguard and will talk over the wireguard connection. See
the wireguard folder for more details. It's advisable to create DNS records internally pointing
to the wireguard-assigned IP addresses.
### Data Storage
All servers will use ISCSI.
## Components
@@ -85,7 +92,7 @@ helm repo update
helm upgrade --install \
--namespace=coredns \
--create-namespace \
--values coredns-values.yaml \
--values coredns/coredns-values.yaml \
coredns \
coredns/coredns
```
@@ -328,7 +335,7 @@ helm repo update
# enc0 storage (iscsi)
helm upgrade \
--install \
--values truenas-iscsi-enc0.yaml \
--values democratic-csi/truenas-iscsi-enc0.yaml \
--namespace democratic-csi \
--create-namespace \
--set driver.config.httpConnection.apiKey=$(cat secrets/truenas-api-key) \
@@ -337,7 +344,7 @@ zfs-iscsi-enc0 democratic-csi/democratic-csi
# enc1 storage (iscsi)
helm upgrade \
--install \
--values truenas-iscsi-enc1.yaml \
--values democratic-csi/truenas-iscsi-enc1.yaml \
--namespace democratic-csi \
--create-namespace \
--set driver.config.httpConnection.apiKey=$(cat secrets/truenas-api-key) \
@@ -346,7 +353,7 @@ zfs-iscsi-enc1 democratic-csi/democratic-csi
# enc1 storage (nfs)
helm upgrade \
--install \
--values truenas-nfs-enc1.yaml \
--values democratic-csi/truenas-nfs-enc1.yaml \
--namespace democratic-csi \
--create-namespace \
--set driver.config.httpConnection.apiKey=$(cat secrets/truenas-api-key) \
@@ -576,7 +583,7 @@ helm repo update
helm upgrade --install \
gitea \
gitea-charts/gitea \
--values gitea-values.yaml \
--values gitea/gitea-values.yaml \
--namespace gitea \
--create-namespace
```

9
ansible/inventory.yaml
View File

@@ -12,12 +12,13 @@ colors:
orange:
yellow:
apt:
nextcloud-aio:
hosts:
nextcloud-aio:
unifi-external:
hosts:
unifi-external:
nextcloud-aio:
replicator:
dns:
hardware:
hosts:

2
coredns/coredns-values.yaml
View File

@@ -120,7 +120,7 @@ servers:
- name: prometheus
parameters: 0.0.0.0:9153
- name: forward
parameters: . /etc/resolv.conf
parameters: . 10.1.0.1
- name: cache
parameters: 30
- name: loop

3
democratic-csi/truenas-nfs-enc1.yaml
View File

@@ -45,7 +45,8 @@ driver:
shareHost: democratic-csi-server.reeselink.com
shareAlldirs: false
shareAllowedHosts: []
shareAllowedNetworks: []
shareAllowedNetworks:
- "fd00:fd41:d0f1:1010::0/64"
shareMaprootUser: root
shareMaprootGroup: root
shareMapallUser: ""

90
dns/README.md Normal file
View File

@@ -0,0 +1,90 @@
# Network Management
- [Network Management](#network-management)
- [DNS Caching](#dns-caching)
- [Route53](#route53)
- [Reeselink Addresses](#reeselink-addresses)
- [Reeseapps Addresses](#reeseapps-addresses)
- [Duconet WG Addresses](#duconet-wg-addresses)
## DNS Caching
Use unifi to cache important DNS records. The following are critical:
- `driveripper-wg.reeselink.com` `Host (AAAA)` `fd00:fd41:d0f1:1010::6`
- `democratic-csi-server.reeselink.com` `Host (A)` `fd00:fd41:d0f1:1010::6`
- `driveripper.reeseapps.com` `Host (A)` `10.1.200.253`
- `driveripper.reeseapps.com` `Host (A)` `10.1.203.197`
- `driveripper.reeseapps.com` `Host (AAAA)` `2600:1700:1e6c:a81f:153e:9c35:8ff3:fa3`
- `driveripper.reeseapps.com` `Host (AAAA)` `2600:1700:1e6c:a81f:793d:7abf:e94d:9bc4`
## Route53
```bash
aws route53 list-hosted-zones
# reeselink
aws route53 change-resource-record-sets --hosted-zone-id Z0092652G7L97DSINN18 --change-batch file://
# reeseapps
aws route53 change-resource-record-sets --hosted-zone-id Z012820733346FJ0U4FUF --change-batch file://
```
## Reeselink Addresses
These are convenience dns records so you don't have to remember every ip address. IPV6 and IPV4.
```bash
aws route53 change-resource-record-sets --hosted-zone-id Z0092652G7L97DSINN18 --change-batch file://dns/reeselink.json
```
You can extract these addresses into a text file with:
```bash
# IPV6
cat dns/reeselink.json | \
jq -c -r '[ .Changes.[] |
select( .ResourceRecordSet.Type | . == "AAAA") ]
| .[]
| .ResourceRecordSet
| .Name,.ResourceRecords.[].Value' > dns/ipv6.txt
# IPV4
cat dns/reeselink.json | \
jq -c -r '[ .Changes.[] |
select( .ResourceRecordSet.Type | . == "A") ]
| .[]
| .ResourceRecordSet
| .Name,.ResourceRecords.[].Value' > dns/ipv4.txt
```
## Reeseapps Addresses
```bash
aws route53 change-resource-record-sets --hosted-zone-id Z012820733346FJ0U4FUF --change-batch file://dns/reeseapps.json
```
## Duconet WG Addresses
After generating new addresses from wireguard's vars.yaml. Use find and replace regex
with the following:
```regex
(.*.reeselink.com)\n(.*)$
```
```regex
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "$1",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "$2"
}
]
}
},
```

104
dns/duconet-wg.txt Normal file
View File

@@ -0,0 +1,104 @@
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "yellow-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::1"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "orange-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::2"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node1-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::3"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node2-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::4"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node3-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::5"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "driveripper-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::6"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "unifi-external-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::7"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "nextcloud-aio-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::8"
}
]
}
},

0
network/ipv4.txt → dns/ipv4.txt
View File

16
network/ipv6.txt → dns/ipv6.txt
View File

@@ -20,3 +20,19 @@ unifi-external.reeselink.com
2600:1700:1e6c:a81f:5054:ff:fea0:200c
e3s1plus.reeselink.com
2600:1700:1e6c:a81f:19a4:37de:9672:1f76
yellow-wg.reeselink.com
fd00:fd41:d0f1:1010::1
orange-wg.reeselink.com
fd00:fd41:d0f1:1010::2
node1-wg.reeselink.com
fd00:fd41:d0f1:1010::3
node2-wg.reeselink.com
fd00:fd41:d0f1:1010::4
node3-wg.reeselink.com
fd00:fd41:d0f1:1010::5
driveripper-wg.reeselink.com
fd00:fd41:d0f1:1010::6
unifi-external-wg.reeselink.com
fd00:fd41:d0f1:1010::7
nextcloud-aio-wg.reeselink.com
fd00:fd41:d0f1:1010::8

0
network/reeseapps.json → dns/reeseapps.json
View File

104
network/reeselink.json → dns/reeselink.json
View File

@@ -299,6 +299,110 @@
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "yellow-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::1"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "orange-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::2"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node1-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::3"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node2-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::4"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "node3-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::5"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "driveripper-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::6"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "unifi-external-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::7"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "nextcloud-aio-wg.reeselink.com",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "fd00:fd41:d0f1:1010::8"
}
]
}
}
]
}

2
gitea/gitea-values.yaml
View File

@@ -60,7 +60,7 @@ service:
metallb.universe.tf/allow-shared-ip: "production"
redis-cluster:
enabled: true
enabled: false
image:
tag: 7.2

13
hosts/update_hosts.yaml
View File

@@ -1,13 +0,0 @@
- name: Update /etc/hosts
hosts: kubernetes
become: true
become_user: root
become_method: sudo
tasks:
- name: Copy /etc/hosts
ansible.builtin.copy:
src: ./hosts
dest: /etc/hosts
owner: root
group: root
mode: '0644'

2
hosts/README.md → k3s/hosts/README.md
View File

@@ -5,5 +5,5 @@ Updates /etc/hosts on each kubernetes node with the correct IP for democratic-cs
## Update Hosts
```bash
ansible-playbook -i ansible/inventory.yaml nodes/update_hosts.yaml
ansible-playbook -i ansible/inventory.yaml k3s/hosts/update_hosts.yaml
```

3
hosts/hosts → k3s/hosts/hosts
View File

@@ -1,3 +1,4 @@
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.20.0.1 democratic-csi-server.reeselink.com
# 172.20.0.1 democratic-csi-server.reeselink.com
fd00:fd41:d0f1:1010::6 democratic-csi-server.reeselink.com

20
k3s/hosts/update_hosts.yaml Normal file
View File

@@ -0,0 +1,20 @@
- name: Update /etc/hosts
hosts: kubernetes
become: true
become_user: root
become_method: sudo
tasks:
- name: Copy /etc/hosts
ansible.builtin.copy:
src: ./hosts
dest: /etc/hosts
owner: root
group: root
mode: '0644'
# - name: Add IP address of all hosts to /etc/hosts
# lineinfile:
# dest: /etc/hosts
# regexp: '.*{{ item.value.address }}$'
# line: "{{ item.value.address }} {{ item.value.hostname }}"
# state: present
# loop: "{{ ip | dict2items }}"

52
network/README.md
View File

@@ -1,52 +0,0 @@
# Network Management
- [Network Management](#network-management)
- [Route53](#route53)
- [Reeselink Addresses](#reeselink-addresses)
- [Reeseapps Addresses](#reeseapps-addresses)
## Route53
```bash
aws route53 list-hosted-zones
# reeselink
aws route53 change-resource-record-sets --hosted-zone-id Z0092652G7L97DSINN18 --change-batch file://
# reeseapps
aws route53 change-resource-record-sets --hosted-zone-id Z012820733346FJ0U4FUF --change-batch file://
```
## Reeselink Addresses
These are convenience dns records so you don't have to remember every ip address. IPV6 and IPV4.
```bash
aws route53 change-resource-record-sets --hosted-zone-id Z0092652G7L97DSINN18 --change-batch file://network/reeselink.json
```
You can extract these addresses into a text file with:
```bash
# IPV6
cat network/reeselink.json | \
jq -c -r '[ .Changes.[] |
select( .ResourceRecordSet.Type | . == "AAAA") ]
| .[]
| .ResourceRecordSet
| .Name,.ResourceRecords.[].Value' > network/ipv6.txt
# IPV4
cat network/reeselink.json | \
jq -c -r '[ .Changes.[] |
select( .ResourceRecordSet.Type | . == "A") ]
| .[]
| .ResourceRecordSet
| .Name,.ResourceRecords.[].Value' > network/ipv4.txt
```
## Reeseapps Addresses
```bash
aws route53 change-resource-record-sets --hosted-zone-id Z012820733346FJ0U4FUF --change-batch file://network/reeseapps.json
```

6
nextcloud/README.md
View File

@@ -45,8 +45,12 @@ node.session.auth.password = <password>
```
```bash
# Discover targets
iscsiadm -m discovery -t st -p driveripper.reeselink.com
iscsiadm -m node --login
# Login to the nextcloud-data target
iscsiadm -m node -T iqn.2023-01.driveripper.reeselink.com:nextcloud-aio-data -l
# Automatically login on startup
iscsiadm -m node -T iqn.2023-01.driveripper.reeselink.com:nextcloud-aio-data -o update -n node.startup -v automatic
```
## Setup

93
wireguard/README.md
View File

@@ -1,5 +1,9 @@
# Wireguard
## Install Wireguard
<https://www.wireguard.com/install/>
## Ansible
```bash
@@ -8,70 +12,113 @@ ansible-playbook -i ansible/inventory.yaml wireguard/wireguard.yaml
ansible-playbook -i ansible/inventory.yaml wireguard/peers.yaml
```
## DNS Records
Collect DNS records from vars.yaml
```bash
cat wireguard/vars.yaml | \
yq -r '.ip | map([.hostname + "-wg.reeselink.com", .address]).[].[]' > dns/duconet-wg.txt
```
## CLI Setup
```bash
# Peer 1
wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
ip link add dev wg0 type wireguard
ip link add dev duconet-wg type wireguard
ip address add dev wg0 10.10.10.1/24
ip address add dev duconet-wg fd00:fd41:d0f1:1010::0/64
wg set wg0 \
wg set duconet-wg \
listen-port 51821 \
private-key /etc/wireguard/privatekey
wg set wg0 \
wg set duconet-wg \
peer CQxNsdPgfzjvOszjn/UZHFdAY3k+D9J+vI8qKUjCYV0= \
allowed-ips '10.10.10.0/24' \
endpoint 10.1.200.253:51821
ip link set up dev wg0
touch /etc/wireguard/wg0.conf
wg-quick save wg0
ip link set up dev duconet-wg
touch /etc/wireguard/duconet-wg.conf
wg-quick save duconet-wg
# Peer 2
wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
ip link add dev wg0 type wireguard
ip link add dev duconet-wg type wireguard
ip address add dev wg0 10.10.10.2/24
ip address add dev duconet-wg 10.10.10.2/24
wg set wg0 \
wg set duconet-wg \
listen-port 51821 \
private-key /etc/wireguard/privatekey \
peer kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw= \
allowed-ips '10.10.10.0/24' \
endpoint 10.1.203.197:51821
ip link set up dev wg0
touch /etc/wireguard/wg0.conf
wg-quick save wg0
ip link set up dev duconet-wg
touch /etc/wireguard/duconet-wg.conf
wg-quick save duconet-wg
# Peer 3
wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
ip link add dev wg0 type wireguard
ip link add dev duconet-wg type wireguard
ip address add dev wg0 10.10.10.3/24
ip address add dev duconet-wg 10.10.10.3/24
wg set wg0 \
wg set duconet-wg \
listen-port 51821 \
private-key /etc/wireguard/privatekey \
peer kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw= \
allowed-ips '10.10.10.0/24' \
endpoint 10.1.203.197:51821
wg set wg0 \
wg set duconet-wg \
peer 9/dBUlO9TGf0H9M3xwPiuIuz6Q/u7fSJVZaUxqAiqi8= \
allowed-ips '10.10.10.0/24' \
endpoint 10.1.2.10:51821
ip link set up dev wg0
touch /etc/wireguard/wg0.conf
wg-quick save wg0
# teardown
ip link delete wg0
ip link set up dev duconet-wg
touch /etc/wireguard/duconet-wg.conf
wg-quick save duconet-wg
```
## Teardown
```bash
# teardown
ip link delete duconet-wg
systemctl disable wg-quick@duconet-wg
```
## Truenas
Because truenas's /etc/wireguard is ephemeral we need to create scripts to save and load
our wireguard config at shutdown/boot.
Select these scripts in system settings -> advanced -> init/shutdown scripts
Startup Script:
/mnt/enc1/truenas/wireguard/duconet-save.sh
```bash
#!/bin/bash
cp -a /mnt/enc1/truenas/wireguard/* /etc/wireguard/
wg-quick up duconet-wg
```
Shutdown Script:
/mnt/enc1/truenas/wireguard/duconet-load.sh
```bash
#!/bin/bash
wg-quick save duconet-wg
cp -a /etc/wireguard/* /mnt/enc1/truenas/wireguard/
```

34
wireguard/interface.yaml
View File

@@ -2,37 +2,39 @@
hosts:
- colors
- kubernetes
- localhost
- truenas
- nextcloud-aio
- unifi-external
become: true
become_user: root
become_method: sudo
vars_files:
- vars.yaml
tasks:
- name: Delete wg0 link
shell: ip link del wg0
ignore_errors: yes
- name: Add wg0 link
shell: ip link add dev wg0 type wireguard
ignore_errors: yes
- name: Add wg0 addresses
shell: "ip address add dev wg0 {{ ip[inventory_hostname].address }}/64"
- name: Check if duconet-wg exists
shell: ip link show duconet-wg
register: link_check
ignore_errors: yes
- name: Add duconet-wg link
shell: ip link add dev duconet-wg type wireguard
when: link_check.rc != 0
- name: Add duconet-wg addresses
shell: "ip address add dev duconet-wg {{ ip[inventory_hostname].address }}/64"
when: link_check.rc != 0
- name: wg set port/key
shell: >
wg set wg0
wg set duconet-wg
listen-port {{ wireguard.listen_port }}
private-key /etc/wireguard/privatekey
- name: Set link up
shell: ip link set up dev wg0
- name: Touch wg0.conf
shell: ip link set up dev duconet-wg
- name: Touch duconet-wg.conf
ansible.builtin.file:
path: /etc/wireguard/wg0.conf
path: /etc/wireguard/duconet-wg.conf
state: touch
- name: save wg config
shell: wg-quick save wg0
- name: Enable wg-quick@wg0
shell: wg-quick save duconet-wg
- name: Enable wg-quick@duconet-wg
ansible.builtin.systemd_service:
name: wg-quick@wg0
name: wg-quick@duconet-wg
enabled: true

6
wireguard/keys.yaml
View File

@@ -2,7 +2,9 @@
hosts:
- colors
- kubernetes
- localhost
- truenas
- nextcloud-aio
- unifi-external
become: true
become_user: root
become_method: sudo
@@ -17,7 +19,7 @@
register: key
- name: Generate pubkey and privatekey
shell: wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
when: not key.stat.exists
when: not key.stat.exists or key.stat.size == 0
- name: cat pubkey
command: cat /etc/wireguard/publickey
register: pubkey

14
wireguard/peers.yaml
View File

@@ -2,8 +2,9 @@
hosts:
- colors
- kubernetes
- localhost
- truenas
- nextcloud-aio
- unifi-external
become: true
become_user: root
become_method: sudo
@@ -12,7 +13,7 @@
tasks:
- name: wg set peers
shell: >
wg set wg0
wg set duconet-wg
peer {{ item.public_key }}
allowed-ips '{{ ip[item.name].address }}'
{% if item.endpoint %}
@@ -20,11 +21,4 @@
{% endif %}
loop: "{{ peers }}"
- name: save wg config
shell: wg-quick save wg0
- name: Add IP address of all hosts to /etc/hosts
lineinfile:
dest: /etc/hosts
regexp: '.*{{ item.value.address }}$'
line: "{{ item.value.address }} {{ item.value.hostname }}"
state: present
loop: "{{ ip | dict2items }}"
shell: wg-quick save duconet-wg

19
wireguard/vars.yaml
View File

@@ -1,6 +1,7 @@
wireguard:
listen_port: 51821
allowed_ips: fd00:fd41:d0f1:1010::0/64
interface: duconet-wg
peers:
- name: yellow
public_key: kzbHUGzYk6Uyan/NFYY5mh3pxf2IX/WzWZtImeyp6Sw=
@@ -18,11 +19,14 @@ peers:
public_key: BwLY8W9nUCpF2xpLlvbkPkwQDV1Kqe+afCINXjEhQnY=
endpoint: node3.reeselink.com:51821
- name: driveripper
public_key: 9/dBUlO9TGf0H9M3xwPiuIuz6Q/u7fSJVZaUxqAiqi8=
public_key: o7alrWFIMHZyeMNJDotj7Aa8ggAZ3xxcMehVnjCJjmA=
endpoint: driveripper.reeselink.com:51821
- name: localhost
public_key: kZVVQ9gIoUb5Uo9DnlCduyLzuH7puc+hGQwvPRV4QQM=
endpoint: ""
- name: unifi-external
public_key: UdbGYnVoxv9J7iv98EJ5hRfjlvPvHENsUqNJQADRHQI=
endpoint: unifi-external.reeselink.com:51821
- name: nextcloud-aio
public_key: G4L1WGm9nIwaw2p6oZqT4W7+ekoziCePrjI8AFwXHTw=
endpoint: nextcloud-aio.reeselink.com:51821
ip:
yellow:
address: fd00:fd41:d0f1:1010::1
@@ -42,6 +46,9 @@ ip:
driveripper:
address: fd00:fd41:d0f1:1010::6
hostname: driveripper
localhost:
unifi-external:
address: fd00:fd41:d0f1:1010::7
hostname: reesework
hostname: unifi-external
nextcloud-aio:
address: fd00:fd41:d0f1:1010::8
hostname: nextcloud-aio