3 files changed, 27 insertions, 0 deletions

diff --git a/roles/install_wireguard_backbone/templates/down.sh.j2 b/roles/install_wireguard_backbone/templates/down.sh.j2
new file mode 100644
index 0000000..07325bf
--- /dev/null
+++ b/roles/install_wireguard_backbone/templates/down.sh.j2
@@ -0,0 +1,5 @@
+#!/bin/bash
+{% for peer in wireguard_bb_peers %}
+ip link set down dev bb{{ peer.name }}
+ip link del bb{{ peer.name }} type ip6gretap
+{% endfor %}
diff --git a/roles/install_wireguard_backbone/templates/up.sh.j2 b/roles/install_wireguard_backbone/templates/up.sh.j2
new file mode 100644
index 0000000..97985f9
--- /dev/null
+++ b/roles/install_wireguard_backbone/templates/up.sh.j2
@@ -0,0 +1,7 @@
+#!/bin/bash
+{% for peer in wireguard_bb_peers %}
+ip link add bb{{ peer.name }} type ip6gretap remote {{ peer.address }} local {{ wireguard_bb_address }} ttl 255 dev wgbackbone
+ip link set mtu 1280 dev bb{{ peer.name }}
+ip link set up dev bb{{ peer.name }}
+ip address add {{ wireguard_bb_gre_ipv4 }} peer {{ peer.gre_ipv4 }} dev bb{{ peer.name }}
+{% endfor %}
diff --git a/roles/install_wireguard_backbone/templates/wg.conf.j2 b/roles/install_wireguard_backbone/templates/wg.conf.j2
new file mode 100644
index 0000000..8e8841a
--- /dev/null
+++ b/roles/install_wireguard_backbone/templates/wg.conf.j2
@@ -0,0 +1,15 @@
+[Interface]
+ListenPort = {{ wireguard_bb_port }}
+PrivateKey = {{ wireguard_bb_key }}
+Address = {{ wireguard_bb_address }}/48
+MTU = 1423
+PostUp = /etc/wireguard/upbackbone.sh
+PreDown = /etc/wireguard/downbackbone.sh
+
+{% for peer in wireguard_bb_peers %}
+[Peer]
+PublicKey = {{ peer.key }}
+AllowedIPs = {{ peer.address }}/128
+Endpoint = [{{ peer.endpoint }}]:{{ wireguard_bb_port }}
+PersistentKeepalive = 30
+{% endfor %}