pcouy
@pcouy@lemmy.pierre-couy.fr
- Comment on Wireguard easy and third party von service. 2 weeks ago:
The ansible role I made does not cover this. If you make a server an exit node for a network, the server gets configured to forward everything that comes from the wireguard network. Since my use case does not need this, I don’t think I’ll add it, but the role could be expanded to support ACLs by taking inspiration from how it deals with port forwarding.
- Comment on Wireguard easy and third party von service. 2 weeks ago:
Do you have specific examples of the “different firewall requirements” ?
- Comment on Wireguard easy and third party von service. 2 weeks ago:
I have a custom made ansible role that does what you are asking for. I’ve wanted to clean it up a bit before putting it up on Github, and your post just gave me a motivation to stop procrastinating it :) This was initially made for my own use, and I’m not an Ansible expert so it can have some rough edges, but I tried my best to make it adhere to the Ansible way of doing things (applying the same role to a host twice should be idempotent).
Using this role, I’m able to quickly define wireguard networks, define which peer participates in which network, optionally configure a peer as a router (with NAT and port forwarding) for a given network. For Ansible-managed hosts, it installs wireguard, generates and deploys wireguard configurations, and enables IP forwarding on exit nodes. It can also generate ready-to-deploy wireguard configurations for externally managed hosts.
The repo is at github.com/pcouy/ansible-wireguard . I tried giving some instructions in the readme but they may not be detailed enough. If you try it, please open an issue for anything that’s not clear enough from the readme so I can improve it.
- Comment on Analog Capture Server LIVES! 4 weeks ago:
I did something similar for digitizing old camcorder family videos. I hooked up a VCR through a cheap elgato RCA -> USB capture card to my home server, and did something similar to you with a preview feed available on my LAN.
I even built a (really ugly) web UI which lets me pick an audio and video source, start the preview stream and display it in the browser without actually starting the capture, then start/stop the capture, edit the ffmpeg flags, and set the output file name. I can share it with you if you are interested