From 3c7828c248553645d2e8ce083787931bfbbf4f75 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Tue, 3 May 2016 09:30:56 +0100
Subject: [PATCH] Add VPN tunnel from fafnir to IC

---
 roles/fafnir.rb    | 15 ++++++++++++++-
 roles/ironbelly.rb |  7 +++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/roles/fafnir.rb b/roles/fafnir.rb
index 2a8a1d138..2345b2565 100644
--- a/roles/fafnir.rb
+++ b/roles/fafnir.rb
@@ -16,6 +16,18 @@ default_attributes(
       }
     }
   },
+  :openvpn => {
+    :address => "10.0.16.4",
+    :tunnels => {
+      :aws2ic => {
+        :port => "1194",
+        :mode => "client",
+        :peer => {
+          :host => "ironbelly.openstreetmap.org"
+        }
+      }
+    }
+  },
   :postgresql => {
     :settings => {
       :defaults => {
@@ -38,5 +50,6 @@ default_attributes(
 )
 
 run_list(
-  "role[aws]"
+  "role[aws]",
+  "recipe[openvpn]"
 )
diff --git a/roles/ironbelly.rb b/roles/ironbelly.rb
index 50e22907c..13f965226 100644
--- a/roles/ironbelly.rb
+++ b/roles/ironbelly.rb
@@ -59,6 +59,13 @@ default_attributes(
         :peer => {
           :host => "ridley.openstreetmap.org"
         }
+      },
+      :aws2ic => {
+        :port => "1195",
+        :mode => "server",
+        :peer => {
+          :host => "fafnir.openstreetmap.org"
+        }
       }
     }
   },
-- 
2.43.2