blob: c467c5ee8d3b77490f1057b2ffa1520066aafdf2 [file] [log] [blame]
local kube = import "../../../kube/kube.libsonnet";
local vpn = import "vpn.libsonnet";
{
local top = self,
tls: vpn.PKI("implr-vpn"),
servers: {
praisethesun: vpn.Server("openvpn-implr-praisethesun", 11223, top.tls) {
cfg+: {
namespace: "implr-vpn",
configFile: |||
dev tun
tmp-dir /dev/shm/
proto udp
port 11223
topology subnet
server 172.17.1.0 255.255.255.0
keepalive 10 60
persist-tun
persist-key
cipher AES-256-CBC
dh none
ca /mnt/pki/ca.crt
cert /mnt/pki/tls.crt
key /mnt/pki/tls.key
|||
}
},
curssys: vpn.Server("openvpn-implr-curssys", 11224, top.tls) {
cfg+: {
namespace: "implr-vpn",
configFile: |||
dev tun
tmp-dir /dev/shm/
proto udp
port 11224
topology subnet
server 172.20.1.0 255.255.255.0
keepalive 10 60
persist-tun
persist-key
cipher AES-256-CBC
dh none
ca /mnt/pki/ca.crt
cert /mnt/pki/tls.crt
key /mnt/pki/tls.key
|||
}
},
},
clients: {
kektop: vpn.Client("kektop", top.servers.praisethesun),
admin1: vpn.Client("admin1", top.servers.praisethesun),
desk1: vpn.Client("desk1", top.servers.praisethesun),
desk2: vpn.Client("desk2", top.servers.curssys),
thonk: vpn.Client("thonk", top.servers.curssys),
}
}