A playbook that sets up an internal WireGuard network using innernet (as declaratively as possible)

Go to file

linus 2b4b5f978e fix typo		2021-11-16 09:44:29 +01:00
group_vars	put variables where they belong	2021-11-15 18:44:10 +01:00
innernet-src@9a59ac3094	checkout v1.5.1 in innernet submodule	2021-11-15 18:45:05 +01:00
inventory@873e2fd4cf	bump inventory	2021-11-15 18:51:08 +01:00
roles	add client role	2021-11-15 19:09:18 +01:00
.gitignore	ignore binaries to avoid bloating the repo	2021-11-15 18:49:39 +01:00
.gitmodules	add correct upstream as `innernet-src`	2021-11-15 11:38:49 +01:00
ansible.cfg	adding ansible scaffolding	2021-11-05 15:20:44 +01:00
build-binaries.sh	renamed and improved build script	2021-11-15 18:43:31 +01:00
open_the_vault.sh	adding ansible scaffolding	2021-11-05 15:20:44 +01:00
playbook.yml	put variables where they belong	2021-11-15 18:44:10 +01:00
README.md	fix typo	2021-11-16 09:44:29 +01:00
vault_passphrase.gpg	adding ansible scaffolding	2021-11-05 15:20:44 +01:00
vault_passphrase.gpg.license	adding ansible scaffolding	2021-11-05 15:20:44 +01:00

README.md

Table of Contents

Motivation
Install

Motivation

Install

Clone the repo

git clone --recurse-submodules git@git.fsfe.org:fsfe-system-hackers/innernet-playbook.git
cd innernet-playbook

Build binaries from submodule at `./innernet-src`

Since innernet is new software, it is not yet included in the Debian repositories. Thus, before running the playbook we need to build the innernet and innernet-server binaries. At the moment, we are using v1.5.1, but you can choose any other available version by setting the environment variable accordingly.

INNERNET_VERSION=v1.5.1 ./build-binaries.sh

Run the playbook

ansible-playbook playbook.yml

Distribute the invitation files

Some invitation files are for humans, so you need to send these files to them securely. I suggest using someting like wormohle.

sudo apt install magic-wormhole
cd roles/client/files
wormhole send <name_of_peer>.toml