Add default interface prefix for wireguard tunnels

4 years ago · 9b2d0af2ef
parent ae21588748
commit 9b2d0af2ef
4 changed files with 9 additions and 8 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1,4 +1,5 @@
 dn42_wg_private_key: "foobar2342"
+dn42_wg_default_if_prefix: "dn42_"

 dn42_local_subnet_v4: "172.17.0.1/28"
 dn42_local_subnet_v6: "fe80::1/56"
--- a/tasks/wireguard.yml
+++ b/tasks/wireguard.yml
@ -1,19 +1,19 @@

- name: Install wg-quick@{{ peer.if.name | default("dn42_" + peer.name) }} config
+- name: Install wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} config
  template:
-    dest: "/etc/wireguard/{{ peer.if.name | default('dn42_' + peer.name) }}.conf"
+    dest: "/etc/wireguard/{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}.conf"
    src: "wg-quick.j2"
  when: "peer.wg is defined"
  register: "configuration"

- name: Enable wg-quick@{{ peer.if.name | default("dn42_" + peer.name) }} service
+- name: Enable wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} service
  service:
-    name: "wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }}"
+    name: "wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}"
    enabled: yes

- name: Restart wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }}
+- name: Restart wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}
  service:
-    name: "wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }}"
+    name: "wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}"
    state: restarted
  when: "configuration is changed"

--- a/templates/bird2/peer.conf.j2
+++ b/templates/bird2/peer.conf.j2
@ -7,7 +7,7 @@ protocol bgp {{ peer.name }}_v4 from dnpeers{% if not peer.multiprotocol is defi
 {% if peer.v6 is defined %}
 protocol bgp {{ peer.name }}{% if not peer.multiprotocol is defined %}_v6{% endif %} from dnpeers{% if not peer.multiprotocol is defined %}_v6{% endif %} {
  # if you use link-local ipv6 addresses for peering using the following
-  neighbor {{ peer.v6 }}%{{ peer.if.name | default('dn42_' + peer.name) }} as {{ peer.as }};
+  neighbor {{ peer.v6 }}%{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} as {{ peer.as }};
 {% if peer.debug is defined %}
  debug {{ peer.debug }};
 {% endif %}
--- a/templates/wg-quick.j2
+++ b/templates/wg-quick.j2
@ -1,7 +1,7 @@
 [Interface]
 PrivateKey = {{ peer.wg.privkey | default(dn42_wg_private_key) }}
 Address = {{ peer.if.v4 | default(dn42_local_v4) }}/32, {{ peer.if.v6 | default(dn42_local_v6) }}/128
-PostUp = {% if peer.v4 is defined %}/sbin/ip addr del dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 && /sbin/ip addr add dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 peer {{ peer.v4 }}/32 && {% endif %}{% if peer.v6 is defined %}/sbin/ip addr del dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 && /sbin/ip addr add dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 peer {{ peer.v6 }}/128{% endif %}
+PostUp = {% if peer.v4 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 peer {{ peer.v4 }}/32 && {% endif %}{% if peer.v6 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 peer {{ peer.v6 }}/128{% endif %}

 Table = off
 ListenPort = {{ peer.wg.port }}