Diffstat (limited to 'roles/install_wireguard_backbone')
-rw-r--r--roles/install_wireguard_backbone/tasks/fastd_tasks.yml29
-rw-r--r--roles/install_wireguard_backbone/tasks/ffrl_uplink_tasks.yml29
-rw-r--r--roles/install_wireguard_backbone/tasks/main.yml33
-rw-r--r--roles/install_wireguard_backbone/templates/down.sh.j28
-rw-r--r--roles/install_wireguard_backbone/templates/up.sh.j214
-rw-r--r--roles/install_wireguard_backbone/templates/wg.conf.j28
6 files changed, 78 insertions, 43 deletions
diff --git a/roles/install_wireguard_backbone/tasks/fastd_tasks.yml b/roles/install_wireguard_backbone/tasks/fastd_tasks.yml
new file mode 100644
index 0000000..2fe4ce6
--- /dev/null
+++ b/roles/install_wireguard_backbone/tasks/fastd_tasks.yml
@@ -0,0 +1,29 @@
+---
+- name: create wireguard config for peers
+ template:
+ src: wg.conf.j2
+ dest: /etc/wireguard/wgbb{{ hostvars[item]['wireguard_bb_name'] }}.conf
+ mode: 0400
+ with_items: "{{ groups['ffrl_uplink'] }}"
+
+- name: create wireguard up scripts for peers
+ template:
+ src: up.sh.j2
+ dest: /etc/wireguard/upbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
+ mode: 0744
+ with_items: "{{ groups['ffrl_uplink'] }}"
+
+- name: create wireguard down scripts for peers
+ template:
+ src: down.sh.j2
+ dest: /etc/wireguard/downbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
+ mode: 0744
+ with_items: "{{ groups['ffrl_uplink'] }}"
+
+- name: start and enable wireguard mesh
+ systemd:
+ name: wgbackbone@{{ hostvars[item]['wireguard_bb_name'] }}.service
+ enabled: yes
+ state: started
+ daemon_reload: yes
+ with_items: "{{ groups['ffrl_uplink'] }}"
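Review bot: The "create wireguard config for peers" task renders `wg.conf.j2`, which contains `PrivateKey`, yet nothing stops the rendered file from appearing in run output when the play is executed with `--diff`. Add `no_log: true` (or at least `diff: false`) to that task here and to the identical task in `ffrl_uplink_tasks.yml`. Setting `owner: root` and `group: root` explicitly next to the mode would also pin the file's ownership rather than leaving it to whatever account the play connects as. The unquoted `mode: 0400` and `mode: 0744` values depend on the YAML loader reading a leading zero as octal, so writing them as `mode: "0400"` and `mode: "0744"` is the safer form.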
diff --git a/roles/install_wireguard_backbone/tasks/ffrl_uplink_tasks.yml b/roles/install_wireguard_backbone/tasks/ffrl_uplink_tasks.yml
new file mode 100644
index 0000000..d894758
--- /dev/null
+++ b/roles/install_wireguard_backbone/tasks/ffrl_uplink_tasks.yml
@@ -0,0 +1,29 @@
+---
+- name: create wireguard config for peers
+ template:
+ src: wg.conf.j2
+ dest: /etc/wireguard/wgbb{{ hostvars[item]['wireguard_bb_name'] }}.conf
+ mode: 0400
+ with_items: "{{ groups['fastd'] }}"
+
+- name: create wireguard up scripts for peers
+ template:
+ src: up.sh.j2
+ dest: /etc/wireguard/upbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
+ mode: 0744
+ with_items: "{{ groups['fastd'] }}"
+
+- name: create wireguard down scripts for peers
+ template:
+ src: down.sh.j2
+ dest: /etc/wireguard/downbb{{ hostvars[item]['wireguard_bb_name'] }}.sh
+ mode: 0744
+ with_items: "{{ groups['fastd'] }}"
+
+- name: start and enable wireguard mesh
+ systemd:
+ name: wgbackbone@{{ hostvars[item]['wireguard_bb_name'] }}.service
+ enabled: yes
+ state: started
+ daemon_reload: yes
+ with_items: "{{ groups['fastd'] }}"
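Review bot: A re-rendered config never reaches a running tunnel, because the last task only asserts `state: started` and none of the three template tasks notifies or registers anything. A rotated key or changed endpoint therefore stays on disk until someone restarts `wgbackbone@<name>.service` by hand. The same applies to `fastd_tasks.yml`. One way to close the gap is to register the result of the config task and restart only the units whose file changed, as sketched below; the up and down script tasks could be handled the same way.

```yaml
- name: create wireguard config for peers
  template:
    # … unchanged: src, dest, mode …
  with_items: "{{ groups['fastd'] }}"
  register: wg_conf

- name: restart wireguard units whose config changed
  systemd:
    name: wgbackbone@{{ hostvars[item.item]['wireguard_bb_name'] }}.service
    state: restarted
    daemon_reload: yes
  with_items: "{{ wg_conf.results }}"
  when: item.changed
```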
diff --git a/roles/install_wireguard_backbone/tasks/main.yml b/roles/install_wireguard_backbone/tasks/main.yml
index 09edb03..eafd889 100644
--- a/roles/install_wireguard_backbone/tasks/main.yml
+++ b/roles/install_wireguard_backbone/tasks/main.yml
@@ -1,34 +1,11 @@
---
-- name: create wireguard config for peers
- template:
- src: wg.conf.j2
- dest: /etc/wireguard/wgbb{{ item.name }}.conf
- mode: 0400
- with_items: "{{ wireguard_bb_peers }}"
-
-- name: create wireguard up scripts for peers
- template:
- src: up.sh.j2
- dest: /etc/wireguard/upbb{{ item.name }}.sh
- mode: 0744
- with_items: "{{ wireguard_bb_peers }}"
-
-- name: create wireguard down scripts for peers
- template:
- src: down.sh.j2
- dest: /etc/wireguard/downbb{{ item.name }}.sh
- mode: 0744
- with_items: "{{ wireguard_bb_peers }}"
-
- name: create wireguard backbone service template
copy:
src: wgbackbone@.service
dest: /etc/systemd/system/wgbackbone@.service
-- name: start and enable wireguard mesh
- systemd:
- name: wgbackbone@{{ item.name }}.service
- enabled: yes
- state: started
- daemon_reload: yes
- with_items: "{{ wireguard_bb_peers }}"
+- include_tasks: ffrl_uplink_tasks.yml
+ when: "'ffrl_uplink' in group_names"
+
+- include_tasks: fastd_tasks.yml
+ when: "'fastd' in group_names"
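Review bot: The two included files are line-for-line identical apart from the group they loop over, so any later fix (file modes, `no_log`, restart handling) has to be made twice and can drift between them. The names are also crossed: `fastd_tasks.yml` iterates `groups['ffrl_uplink']` and vice versa, which is correct for "my peers are the other group" but easy to misread. Consider a single `peer_tasks.yml` that loops over `groups[peer_group]`, included as `- include_tasks: peer_tasks.yml` with `vars: { peer_group: fastd }` and the existing `when:`. The two bare `include_tasks` entries would also benefit from a `name:` so the run log shows which side is being configured.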
diff --git a/roles/install_wireguard_backbone/templates/down.sh.j2 b/roles/install_wireguard_backbone/templates/down.sh.j2
index fbdd387..6b78d2e 100644
--- a/roles/install_wireguard_backbone/templates/down.sh.j2
+++ b/roles/install_wireguard_backbone/templates/down.sh.j2
@@ -1,5 +1,5 @@
#!/bin/bash
-ip -4 rule del iif bb{{ item.name }} table ffmyk
-ip -6 rule del iif bb{{ item.name }} table ffmyk
-ip link set down dev bb{{ item.name }}
-ip link del bb{{ item.name }}
+ip -4 rule del iif bb{{ hostvars[item]['wireguard_bb_name'] }} table ffmyk
+ip -6 rule del iif bb{{ hostvars[item]['wireguard_bb_name'] }} table ffmyk
+ip link set down dev bb{{ hostvars[item]['wireguard_bb_name'] }}
+ip link del bb{{ hostvars[item]['wireguard_bb_name'] }}
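Review bot: `wireguard_bb_name` now comes from another host's `hostvars` and is pasted unquoted into a script that runs as root, and the same value is used in `up.sh.j2` and in the `dest:` paths and unit names in the task files. Nothing visible in this commit constrains it, so a value containing whitespace, a slash or shell metacharacters would change what these commands and paths resolve to. A value longer than 13 characters would also exceed the kernel's 15-character interface name limit once the `bb` prefix is added. A pre-flight `assert` in the tasks would catch both, for example `that: hostvars[item]['wireguard_bb_name'] is match('^[A-Za-z0-9_-]{1,13}$')`.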
diff --git a/roles/install_wireguard_backbone/templates/up.sh.j2 b/roles/install_wireguard_backbone/templates/up.sh.j2
index 38b3c26..5af1a81 100644
--- a/roles/install_wireguard_backbone/templates/up.sh.j2
+++ b/roles/install_wireguard_backbone/templates/up.sh.j2
@@ -1,8 +1,8 @@
#!/bin/bash
-ip link add bb{{ item.name }} type wireguard
-wg setconf bb{{ item.name }} /etc/wireguard/wgbb{{ item.name }}.conf
-ip addr add {{ item.address6 }} dev bb{{ item.name }}
-ip addr add {{ wireguard_bb_ipv4 }}/32 peer {{ item.address }}/32 dev bb{{ item.name }}
-ip link set up dev bb{{ item.name }}
-ip -4 rule add iif bb{{ item.name }} table ffmyk priority 10
-ip -6 rule add iif bb{{ item.name }} table ffmyk priority 10
+ip link add bb{{ hostvars[item]['wireguard_bb_name'] }} type wireguard
+wg setconf bb{{ hostvars[item]['wireguard_bb_name'] }} /etc/wireguard/wgbb{{ hostvars[item]['wireguard_bb_name'] }}.conf
+ip addr add {{ wireguard_bb_ipv6 }} dev bb{{ hostvars[item]['wireguard_bb_name'] }}
+ip addr add {{ wireguard_bb_ipv4 }}/32 peer {{ hostvars[item]['wireguard_bb_ipv4'] }}/32 dev bb{{ hostvars[item]['wireguard_bb_name'] }}
+ip link set up dev bb{{ hostvars[item]['wireguard_bb_name'] }}
+ip -4 rule add iif bb{{ hostvars[item]['wireguard_bb_name'] }} table ffmyk priority 10
+ip -6 rule add iif bb{{ hostvars[item]['wireguard_bb_name'] }} table ffmyk priority 10
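Review bot: The script has no error handling, so if `wg setconf` fails (for instance on a malformed key in the rendered config) the remaining lines still add addresses, bring the link up and install the policy rules, and the exit status is that of the last `ip rule add`. Assuming the unit runs this as its start command, systemd would then report the tunnel as started even though it carries no peer configuration. Adding `set -euo pipefail` directly after the shebang makes the failure visible. Separately, `ip addr add {{ wireguard_bb_ipv6 }}` now assigns the same host-level address on every peer interface where the old code used a per-peer `item.address6`; confirm that is intended and that the variable carries the prefix length.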
diff --git a/roles/install_wireguard_backbone/templates/wg.conf.j2 b/roles/install_wireguard_backbone/templates/wg.conf.j2
index de0e1fb..a52655c 100644
--- a/roles/install_wireguard_backbone/templates/wg.conf.j2
+++ b/roles/install_wireguard_backbone/templates/wg.conf.j2
@@ -1,9 +1,9 @@
[Interface]
-ListenPort = {{ item.local_port }}
-PrivateKey = {{ wireguard_bb_key }}
+ListenPort = {{ hostvars[item]['wireguard_bb_port'] }}
+PrivateKey = {{ wireguard_bb_priv_key }}
[Peer]
-PublicKey = {{ item.key }}
+PublicKey = {{ hostvars[item]['wireguard_bb_pub_key'] }}
AllowedIPs = 0.0.0.0/0,::/0
-Endpoint = [{{ item.endpoint }}]:{{ item.remote_port }}
+Endpoint = [{{ hostvars[item]['wireguard_bb_endpoint'] }}]:{{ wireguard_bb_port }}
PersistentKeepalive = 30
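Review bot: The port wiring is crossed with no comment to explain it: `ListenPort` takes the peer's `wireguard_bb_port`, while the `Endpoint` port takes this host's own `wireguard_bb_port`. The scheme is self-consistent when applied on both sides, but it reads like a mix-up and it means two peers in the looped group with the same `wireguard_bb_port` would give this host two interfaces bound to the same UDP port. A template comment such as `{# each side listens on the peer's port; ports must be unique within a group #}` would record the invariant. `PrivateKey` is now read from `wireguard_bb_priv_key`; the commit does not show where that variable is defined, so confirm it is stored encrypted (for example in a vaulted vars file) rather than in plain inventory.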