dev-docs: add on-prem terraform to vpn setup (#2619)

* vpn: add fake-on-prem infra * dev-docs: move vpn helm
2025-09-20 21:14:37 -04:00 · 2023-11-23 16:13:37 +01:00 · 2023-11-23 16:13:37 +01:00 · 0564e4ebb4
commit 0564e4ebb4
parent c922864f30
20 changed files with 407 additions and 0 deletions
--- a/dev-docs/howto/vpn/helm/templates/strongswan-secret.tpl
+++ b/dev-docs/howto/vpn/helm/templates/strongswan-secret.tpl
@ -0,0 +1,26 @@
+{{- define "strongswan.swanctl-conf" }}
+connections {
+    net-net {
+      remote_addrs = {{ .Values.ipsec.peer }}
+      local {
+          auth = psk
+      }
+      remote {
+          auth = psk
+      }
+      children {
+          net-net {
+              local_ts  = {{ .Values.podCIDR }},{{ .Values.serviceCIDR }}
+              remote_ts = {{ join "," .Values.peerCIDRs }}
+              start_action = trap
+          }
+      }
+    }
+}
+
+secrets {
+    ike {
+        secret = {{ quote .Values.ipsec.psk }}
+    }
+}
+{{- end }}