Ansible role to configure tinc mesh VPN
I've switched to WireGuard, so this Ansible role is no longer maintained.
Only tested on Debian stable, for now.
Network names may only have the characters [a-zA-Z0-9_]+
(no hyphens).
Hosts may belong to multiple tinc networks; the default playbook applies
the role once for each network.
tinc_subnet_ (192.168.2): the first 3 quads of a /24 (for now)
tinc_mode_: switch or router
tinc_domain_ (mynet.vpn): DNS domain name of VPN (can be internal)
tinc_dns_ (192.168.2.1): IP of DNS server on VPN
tinc_port_ (655): port to listen on
tinc_ip_ (192.168.2.10): static IP
tinc_name_ (myhost): name in tinc, if different from inventory_hostname
tinc_addresses_ ([10.0.0.1]): list of Address lines for other nodes to connect
tinc_subnets_ ([192.168.2.0/24]): list of Subnet lines for routing
tinc_nodes_
tinc_servers_
tinc_keystore: dir to store RSA/ED25519 keys

main.yml: apply role
restart.yml: restart daemon
uninstall.yml: remove. Run this before removing tinc config from inventory.

Ansible role licensed MIT.
Sean Ho, https://github.com/ho-ansible/