40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
---
|
|
# Inventory File for Two-Tier VPN Architecture
|
|
#
|
|
# This inventory is for managing VPN1, VPN2, VPN3 (user-facing VPN endpoints)
|
|
# from ValleyForge (admin control plane)
|
|
#
|
|
# Deploy this FROM ValleyForge server after:
|
|
# 1. ValleyForge is set up with WireGuard admin VPN
|
|
# 2. Ansible is installed on ValleyForge
|
|
# 3. SSH keys are configured from ValleyForge to VPN endpoints
|
|
|
|
all:
|
|
children:
|
|
# User-facing VPN endpoints
|
|
vpn_servers:
|
|
hosts:
|
|
vpn1:
|
|
ansible_host: 203.0.113.10 # VPN1 public IP (CHANGE THIS!)
|
|
ansible_user: root
|
|
|
|
vpn2:
|
|
ansible_host: 203.0.113.11 # VPN2 public IP (CHANGE THIS!)
|
|
ansible_user: root
|
|
|
|
vpn3:
|
|
ansible_host: 203.0.113.12 # VPN3 public IP (CHANGE THIS!)
|
|
ansible_user: root
|
|
|
|
vars:
|
|
# Common variables for all VPN servers
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
|
|
# ValleyForge public IP (for firewall rules)
|
|
# IMPORTANT: Change this to your actual ValleyForge IP!
|
|
valleyforge_public_ip: "185.112.147.205"
|
|
|
|
# Note: ValleyForge itself is NOT in this inventory
|
|
# ValleyForge is the control plane where you run Ansible FROM
|
|
# It should be configured separately with its own WireGuard admin VPN
|