-rw-r--r--group_vars/vpn.yml1
-rw-r--r--roles/vpn/files/config/acl.json17
2 files changed, 18 insertions, 0 deletions
diff --git a/group_vars/vpn.yml b/group_vars/vpn.yml
index ddf8081..e644e16 100644
--- a/group_vars/vpn.yml
+++ b/group_vars/vpn.yml
@@ -2,3 +2,4 @@
headscale_oidc_secret: "{{ lookup('env', 'HEADSCALE_OIDC_SECRET') }}"
headscale_allowed_users:
- "elizabeth.hunt@simponic.xyz"
+ - "riley.ferguson@simponic.xyz"
diff --git a/roles/vpn/files/config/acl.json b/roles/vpn/files/config/acl.json
index 7c28276..50095da 100644
--- a/roles/vpn/files/config/acl.json
+++ b/roles/vpn/files/config/acl.json
@@ -1,6 +1,8 @@
{
"groups": {
"group:admin": ["elizabeth.hunt"],
+ "group:roomates": ["riley.ferguson"],
+ "group:friends": ["riley.ferguson"],
"group:sys": ["sys"]
},
"tagOwners": {
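Review bot: The new group name `group:roomates` is misspelled, and the same spelling is repeated in the `src` of the rule added in the next hunk. The policy is self-consistent, but a later rule written as `group:roommates` would reference a group that does not exist. Rename it in both places now, i.e. `"group:roommates": ["riley.ferguson"],` here and `"src": ["group:roommates"],` in the rule. Both new groups currently hold the same single member, so their separate purposes are not evident from the policy and are worth stating in the commit description.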
@@ -23,6 +25,21 @@
"action": "accept",
"src": ["group:sys"],
"dst": ["group:sys:*"]
+ },
+ {
+ "action": "accept",
+ "src": ["group:admin"],
+ "dst": ["10.0.0.0/24:*"]
+ },
+ {
+ "action": "accept",
+ "src": ["group:roomates"],
+ "dst": ["10.0.0.0/24:*", "tag:router:*"]
+ },
+ {
+ "action": "accept",
+ "src": ["group:friends"],
+ "dst": ["group:sys:*"]
}
]
}
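Review bot: The rules added for `group:roomates` and `group:friends` accept every port (`:*`), on the whole `10.0.0.0/24` range plus `tag:router`, and on every node owned by `group:sys`. Because `riley.ferguson` is in both groups, that one non-admin user gets the union of all three destinations, which is wider than the `group:admin` rule added just above. If these groups only need a few services, list the ports explicitly, for example `"dst": ["group:sys:443"]` (a constructed value; substitute the real service ports), and consider whether `tag:router:*` should be limited to admins. The `tagOwners` body and the start of the rule array are outside the hunk, so confirm that `tag:router` is declared there and that a node actually advertises the `10.0.0.0/24` route.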