personal/implr/vpn/vpn.jsonnet - hscloud - Gitiles

 local kube = import "../../../kube/kube.libsonnet";
 local vpn = import "vpn.libsonnet";

 {
     local top = self,
     tls: vpn.PKI("implr-vpn"),

     servers: {
         curssys: vpn.Server("openvpn-implr-curssys", 11224, top.tls) {
             cfg+: {
                 namespace: "implr-vpn",
                 configFile: |||
                     dev tun
                     tmp-dir /dev/shm/
                     proto udp
                     port 11224
                     topology subnet
                     server 172.20.1.0 255.255.255.0
                     keepalive 10 60
                     persist-tun
                     persist-key
                     cipher AES-256-CBC
                     dh none
                     ca /mnt/pki/ca.crt
                     cert /mnt/pki/tls.crt
                     key /mnt/pki/tls.key
                 |||
             }
         },
     },
     clients: {
         desk2: vpn.Client("desk2", top.servers.curssys),
         thonk: vpn.Client("thonk", top.servers.curssys),
         anthracite: vpn.Client("anthracite", top.servers.curssys),
         iotbox: vpn.Client("iotbox", top.servers.curssys),
     }
 }
	local kube = import "../../../kube/kube.libsonnet";
	local vpn = import "vpn.libsonnet";

	{
	local top = self,
	tls: vpn.PKI("implr-vpn"),

	servers: {
	curssys: vpn.Server("openvpn-implr-curssys", 11224, top.tls) {
	cfg+: {
	namespace: "implr-vpn",
	configFile: \|\|\|
	dev tun
	tmp-dir /dev/shm/
	proto udp
	port 11224
	topology subnet
	server 172.20.1.0 255.255.255.0
	keepalive 10 60
	persist-tun
	persist-key
	cipher AES-256-CBC
	dh none
	ca /mnt/pki/ca.crt
	cert /mnt/pki/tls.crt
	key /mnt/pki/tls.key
	\|\|\|
	}
	},
	},
	clients: {
	desk2: vpn.Client("desk2", top.servers.curssys),
	thonk: vpn.Client("thonk", top.servers.curssys),
	anthracite: vpn.Client("anthracite", top.servers.curssys),
	iotbox: vpn.Client("iotbox", top.servers.curssys),
	}
	}