Add default interface prefix for wireguard tunnels

master^2
Moritz 'e1mo' Fromm 4 years ago
parent ae21588748
commit 9b2d0af2ef
Signed by: e1mo
GPG Key ID: 1D5D79A439E787F1

@ -1,4 +1,5 @@
dn42_wg_private_key: "foobar2342" dn42_wg_private_key: "foobar2342"
dn42_wg_default_if_prefix: "dn42_"
dn42_local_subnet_v4: "172.17.0.1/28" dn42_local_subnet_v4: "172.17.0.1/28"
dn42_local_subnet_v6: "fe80::1/56" dn42_local_subnet_v6: "fe80::1/56"

@ -1,19 +1,19 @@
- name: Install wg-quick@{{ peer.if.name | default("dn42_" + peer.name) }} config - name: Install wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} config
template: template:
dest: "/etc/wireguard/{{ peer.if.name | default('dn42_' + peer.name) }}.conf" dest: "/etc/wireguard/{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}.conf"
src: "wg-quick.j2" src: "wg-quick.j2"
when: "peer.wg is defined" when: "peer.wg is defined"
register: "configuration" register: "configuration"
- name: Enable wg-quick@{{ peer.if.name | default("dn42_" + peer.name) }} service - name: Enable wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} service
service: service:
name: "wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }}" name: "wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}"
enabled: yes enabled: yes
- name: Restart wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }} - name: Restart wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}
service: service:
name: "wg-quick@{{ peer.if.name | default('dn42_' + peer.name) }}" name: "wg-quick@{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }}"
state: restarted state: restarted
when: "configuration is changed" when: "configuration is changed"

@ -7,7 +7,7 @@ protocol bgp {{ peer.name }}_v4 from dnpeers{% if not peer.multiprotocol is defi
{% if peer.v6 is defined %} {% if peer.v6 is defined %}
protocol bgp {{ peer.name }}{% if not peer.multiprotocol is defined %}_v6{% endif %} from dnpeers{% if not peer.multiprotocol is defined %}_v6{% endif %} { protocol bgp {{ peer.name }}{% if not peer.multiprotocol is defined %}_v6{% endif %} from dnpeers{% if not peer.multiprotocol is defined %}_v6{% endif %} {
# if you use link-local ipv6 addresses for peering using the following # if you use link-local ipv6 addresses for peering using the following
neighbor {{ peer.v6 }}%{{ peer.if.name | default('dn42_' + peer.name) }} as {{ peer.as }}; neighbor {{ peer.v6 }}%{{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} as {{ peer.as }};
{% if peer.debug is defined %} {% if peer.debug is defined %}
debug {{ peer.debug }}; debug {{ peer.debug }};
{% endif %} {% endif %}

@ -1,7 +1,7 @@
[Interface] [Interface]
PrivateKey = {{ peer.wg.privkey | default(dn42_wg_private_key) }} PrivateKey = {{ peer.wg.privkey | default(dn42_wg_private_key) }}
Address = {{ peer.if.v4 | default(dn42_local_v4) }}/32, {{ peer.if.v6 | default(dn42_local_v6) }}/128 Address = {{ peer.if.v4 | default(dn42_local_v4) }}/32, {{ peer.if.v6 | default(dn42_local_v6) }}/128
PostUp = {% if peer.v4 is defined %}/sbin/ip addr del dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 && /sbin/ip addr add dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 peer {{ peer.v4 }}/32 && {% endif %}{% if peer.v6 is defined %}/sbin/ip addr del dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 && /sbin/ip addr add dev {{ peer.if.name | default("dn42_" + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 peer {{ peer.v6 }}/128{% endif %} PostUp = {% if peer.v4 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 peer {{ peer.v4 }}/32 && {% endif %}{% if peer.v6 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 peer {{ peer.v6 }}/128{% endif %}
Table = off Table = off
ListenPort = {{ peer.wg.port }} ListenPort = {{ peer.wg.port }}

Loading…
Cancel
Save