Diffstat (limited to 'roles/install_wireguard_backbone/templates')
-rw-r--r-- | roles/install_wireguard_backbone/templates/down.sh.j2 | 8 | ||||
-rw-r--r-- | roles/install_wireguard_backbone/templates/up.sh.j2 | 13 | ||||
-rw-r--r-- | roles/install_wireguard_backbone/templates/wg.conf.j2 | 14 |
3 files changed, 15 insertions, 20 deletions
diff --git a/roles/install_wireguard_backbone/templates/down.sh.j2 b/roles/install_wireguard_backbone/templates/down.sh.j2
index 07325bf..fbdd387 100644
--- a/roles/install_wireguard_backbone/templates/down.sh.j2
+++ b/roles/install_wireguard_backbone/templates/down.sh.j2
@@ -1,5 +1,5 @@
 #!/bin/bash
-{% for peer in wireguard_bb_peers %}
-ip link set down dev bb{{ peer.name }}
-ip link del bb{{ peer.name }} type ip6gretap
-{% endfor %}
+ip -4 rule del iif bb{{ item.name }} table ffmyk
+ip -6 rule del iif bb{{ item.name }} table ffmyk
+ip link set down dev bb{{ item.name }}
+ip link del bb{{ item.name }}
diff --git a/roles/install_wireguard_backbone/templates/up.sh.j2 b/roles/install_wireguard_backbone/templates/up.sh.j2
index 97985f9..38b3c26 100644
--- a/roles/install_wireguard_backbone/templates/up.sh.j2
+++ b/roles/install_wireguard_backbone/templates/up.sh.j2
@@ -1,7 +1,8 @@
 #!/bin/bash
-{% for peer in wireguard_bb_peers %}
-ip link add bb{{ peer.name }} type ip6gretap remote {{ peer.address }} local {{ wireguard_bb_address }} ttl 255 dev wgbackbone
-ip link set mtu 1280 dev bb{{ peer.name }}
-ip link set up dev bb{{ peer.name }}
-ip address add {{ wireguard_bb_gre_ipv4 }} peer {{ peer.gre_ipv4 }} dev bb{{ peer.name }}
-{% endfor %}
+ip link add bb{{ item.name }} type wireguard
+wg setconf bb{{ item.name }} /etc/wireguard/wgbb{{ item.name }}.conf
+ip addr add {{ item.address6 }} dev bb{{ item.name }}
+ip addr add {{ wireguard_bb_ipv4 }}/32 peer {{ item.address }}/32 dev bb{{ item.name }}
+ip link set up dev bb{{ item.name }}
+ip -4 rule add iif bb{{ item.name }} table ffmyk priority 10
+ip -6 rule add iif bb{{ item.name }} table ffmyk priority 10
diff --git a/roles/install_wireguard_backbone/templates/wg.conf.j2 b/roles/install_wireguard_backbone/templates/wg.conf.j2
index 8e8841a..de0e1fb 100644
--- a/roles/install_wireguard_backbone/templates/wg.conf.j2
+++ b/roles/install_wireguard_backbone/templates/wg.conf.j2
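Review bot: In up.sh.j2 nothing stops the script when an early step fails, so if `ip link add bb{{ item.name }} type wireguard` or `wg setconf` errors out, the address assignments and both `ip rule add iif … table ffmyk priority 10` lines still run against whatever state is left. A `set -e` directly after the shebang would make a half-configured tunnel visible instead of silent. On kernels that accept identical rules, a second run would also stack duplicate `iif` rules, while down.sh.j2 deletes only one per address family, so a stale rule can keep steering traffic into table ffmyk. It is also worth a comment that `bb{{ item.name }}` has to fit the 15-character Linux interface-name limit, since the name now comes from a per-item variable.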
@@ -1,15 +1,9 @@ [Interface] -ListenPort = {{ wireguard_bb_port }} +ListenPort = {{ item.local_port }} PrivateKey = {{ wireguard_bb_key }} -Address = {{ wireguard_bb_address }}/48 -MTU = 1423 -PostUp = /etc/wireguard/upbackbone.sh -PreDown = /etc/wireguard/downbackbone.sh -{% for peer in wireguard_bb_peers %} [Peer] -PublicKey = {{ peer.key }} -AllowedIPs = {{ peer.address }}/128 -Endpoint = [{{ peer.endpoint }}]:{{ wireguard_bb_port }} +PublicKey = {{ item.key }} +AllowedIPs = 0.0.0.0/0,::/0 +Endpoint = [{{ item.endpoint }}]:{{ item.remote_port }} PersistentKeepalive = 30 -{% endfor %} |
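Review bot: `AllowedIPs = 0.0.0.0/0,::/0` removes the per-peer source restriction that the old `{{ peer.address }}/128` provided, so WireGuard now accepts any inner source address from the peer on this interface, and up.sh.j2 routes all of it through table ffmyk. With one interface per peer that is a common layout for running a routing protocol over the tunnel, but source validation then has to be done by firewall rules or route filters on the `bb*` interfaces, and none are visible in this diff. I would record that in the template, e.g. `# AllowedIPs is open on purpose (one interface per peer); source filtering is done on the bb interface`. The unchanged `PrivateKey = {{ wireguard_bb_key }}` line is now rendered into one file per peer, so the task that writes `/etc/wireguard/wgbb*.conf` (not part of this hunk) should set mode 0600.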