Tips-Of-Mine/infrastructure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow tailscale IP in more places

Browse Source
This commit is contained in:
Jake Howard
2024-02-07 18:21:16 +00:00
parent 6c1c245c23
commit b6eca40ae0
7 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/base/files/ssh-jail.conf
View File

@ -4,4 +4,4 @@ bantime = 600
findtime = 30
maxretry = 5
port = {{ ssh_port }},ssh
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ tailscale_cidr }}

2
ansible/roles/base/files/sshd_config
View File

@ -2,7 +2,7 @@
# Change to a high/odd port if this server is exposed to the internet directly
Port {{ ssh_port }}
AllowUsers {% if hostname_slug in pve_hosts %}{{ me.user }}@{{ pve_hosts.internal_cidr }}{% endif %} {% if hostname_slug in nebula.clients %}{{ me.user }}@{{ nebula.cidr }}{% endif %} {{ ssh_extra_allowed_users }}
AllowUsers {% if hostname_slug in pve_hosts %}{{ me.user }}@{{ pve_hosts.internal_cidr }}{% endif %} {% if hostname_slug in nebula.clients %}{{ me.user }}@{{ nebula.cidr }}{% endif %} {{ me.user }}@{{ tailscale_cidr }} {{ ssh_extra_allowed_users }}
# Bind to all interfaces (change to specific interface if needed)
ListenAddress 0.0.0.0