From a3074c98973c5e899e04bf1e6a529611962e2505 Mon Sep 17 00:00:00 2001
From: Christian Pointner
Date: Fri, 28 Feb 2020 23:31:17 +0100
Subject: rename wireguard/gateway to wireguard/gateway/server
---
roles/wireguard/gateway/defaults/main.yml | 15 -------------
roles/wireguard/gateway/handlers/main.yml | 6 -----
roles/wireguard/gateway/server/defaults/main.yml | 15 +++++++++++++
roles/wireguard/gateway/server/handlers/main.yml | 6 +++++
roles/wireguard/gateway/server/tasks/main.yml | 20 +++++++++++++++++
.../gateway/server/templates/systemd.netdev.j2 | 26 ++++++++++++++++++++++
.../gateway/server/templates/systemd.network.j2 | 7 ++++++
roles/wireguard/gateway/tasks/main.yml | 20 -----------------
.../wireguard/gateway/templates/systemd.netdev.j2 | 26 ----------------------
.../wireguard/gateway/templates/systemd.network.j2 | 7 ------
10 files changed, 74 insertions(+), 74 deletions(-)
delete mode 100644 roles/wireguard/gateway/defaults/main.yml
delete mode 100644 roles/wireguard/gateway/handlers/main.yml
create mode 100644 roles/wireguard/gateway/server/defaults/main.yml
create mode 100644 roles/wireguard/gateway/server/handlers/main.yml
create mode 100644 roles/wireguard/gateway/server/tasks/main.yml
create mode 100644 roles/wireguard/gateway/server/templates/systemd.netdev.j2
create mode 100644 roles/wireguard/gateway/server/templates/systemd.network.j2
delete mode 100644 roles/wireguard/gateway/tasks/main.yml
delete mode 100644 roles/wireguard/gateway/templates/systemd.netdev.j2
delete mode 100644 roles/wireguard/gateway/templates/systemd.network.j2
(limited to 'roles/wireguard')
diff --git a/roles/wireguard/gateway/defaults/main.yml b/roles/wireguard/gateway/defaults/main.yml
deleted file mode 100644
index 9ee0523c..00000000
--- a/roles/wireguard/gateway/defaults/main.yml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-# wireguard_gateway_tunnels:
-# wg-test:
-# description: some wireguard tunnel
-# priv_key: secret
-# listen_port: 1234
-# addresses:
-# - 192.168.255.254/24
-# peers:
-# - pub_key: public_key_of_peer
-# keepalive_interval: 10
-# endpoint: 5.6.7.8:1234
-# allowed_ips:
-# - 192.168.255.3/32
-# - 192.168.123.0/24
diff --git a/roles/wireguard/gateway/handlers/main.yml b/roles/wireguard/gateway/handlers/main.yml
deleted file mode 100644
index 625032dc..00000000
--- a/roles/wireguard/gateway/handlers/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: restart systemd-networkd
- systemd:
- daemon_reload: yes
- name: systemd-networkd
- state: restarted
diff --git a/roles/wireguard/gateway/server/defaults/main.yml b/roles/wireguard/gateway/server/defaults/main.yml
new file mode 100644
index 00000000..9ee0523c
--- /dev/null
+++ b/roles/wireguard/gateway/server/defaults/main.yml
@@ -0,0 +1,15 @@
+---
+# wireguard_gateway_tunnels:
+# wg-test:
+# description: some wireguard tunnel
+# priv_key: secret
+# listen_port: 1234
+# addresses:
+# - 192.168.255.254/24
+# peers:
+# - pub_key: public_key_of_peer
+# keepalive_interval: 10
+# endpoint: 5.6.7.8:1234
+# allowed_ips:
+# - 192.168.255.3/32
+# - 192.168.123.0/24
diff --git a/roles/wireguard/gateway/server/handlers/main.yml b/roles/wireguard/gateway/server/handlers/main.yml
new file mode 100644
index 00000000..625032dc
--- /dev/null
+++ b/roles/wireguard/gateway/server/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: restart systemd-networkd
+ systemd:
+ daemon_reload: yes
+ name: systemd-networkd
+ state: restarted
diff --git a/roles/wireguard/gateway/server/tasks/main.yml b/roles/wireguard/gateway/server/tasks/main.yml
new file mode 100644
index 00000000..906ee640
--- /dev/null
+++ b/roles/wireguard/gateway/server/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: install wireguard interfaces (netdev)
+ loop: "{{ wireguard_gateway_tunnels | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ template:
+ src: systemd.netdev.j2
+ dest: "/etc/systemd/network/{{ item.key }}.netdev"
+ mode: 0640
+ group: systemd-network
+ notify: restart systemd-networkd
+
+- name: install wireguard interfaces (network)
+ loop: "{{ wireguard_gateway_tunnels | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+ template:
+ src: systemd.network.j2
+ dest: "/etc/systemd/network/{{ item.key }}.network"
+ notify: restart systemd-networkd
diff --git a/roles/wireguard/gateway/server/templates/systemd.netdev.j2 b/roles/wireguard/gateway/server/templates/systemd.netdev.j2
new file mode 100644
index 00000000..62f0d0a6
--- /dev/null
+++ b/roles/wireguard/gateway/server/templates/systemd.netdev.j2
@@ -0,0 +1,26 @@
+[NetDev]
+Name={{ item.key }}
+Kind=wireguard
+{% if 'description' in item.value %}
+Description={{ item.value.description }}
+{% endif %}
+
+
+[WireGuard]
+PrivateKey={{ item.value.priv_key }}
+ListenPort={{ item.value.listen_port | default(51820) }}
+
+{% for peer in item.value.peers %}
+
+[WireGuardPeer]
+PublicKey={{ peer.pub_key }}
+{% for ip in peer.allowed_ips %}
+AllowedIPs={{ ip }}
+{% endfor %}
+{% if 'endpoint' in peer %}
+Endpoint={{ peer.endpoint }}
+{% endif %}
+{% if 'keepalive_interval' in peer %}
+PersistentKeepalive={{ peer.keepalive_interval }}
+{% endif %}
+{% endfor %}
diff --git a/roles/wireguard/gateway/server/templates/systemd.network.j2 b/roles/wireguard/gateway/server/templates/systemd.network.j2
new file mode 100644
index 00000000..8d8af966
--- /dev/null
+++ b/roles/wireguard/gateway/server/templates/systemd.network.j2
@@ -0,0 +1,7 @@
+[Match]
+Name={{ item.key }}
+
+[Network]
+{% for addr in item.value.addresses %}
+Address={{ addr }}
+{% endfor %}
diff --git a/roles/wireguard/gateway/tasks/main.yml b/roles/wireguard/gateway/tasks/main.yml
deleted file mode 100644
index 906ee640..00000000
--- a/roles/wireguard/gateway/tasks/main.yml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-- name: install wireguard interfaces (netdev)
- loop: "{{ wireguard_gateway_tunnels | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- template:
- src: systemd.netdev.j2
- dest: "/etc/systemd/network/{{ item.key }}.netdev"
- mode: 0640
- group: systemd-network
- notify: restart systemd-networkd
-
-- name: install wireguard interfaces (network)
- loop: "{{ wireguard_gateway_tunnels | dict2items }}"
- loop_control:
- label: "{{ item.key }}"
- template:
- src: systemd.network.j2
- dest: "/etc/systemd/network/{{ item.key }}.network"
- notify: restart systemd-networkd
diff --git a/roles/wireguard/gateway/templates/systemd.netdev.j2 b/roles/wireguard/gateway/templates/systemd.netdev.j2
deleted file mode 100644
index 62f0d0a6..00000000
--- a/roles/wireguard/gateway/templates/systemd.netdev.j2
+++ /dev/null
@@ -1,26 +0,0 @@
-[NetDev]
-Name={{ item.key }}
-Kind=wireguard
-{% if 'description' in item.value %}
-Description={{ item.value.description }}
-{% endif %}
-
-
-[WireGuard]
-PrivateKey={{ item.value.priv_key }}
-ListenPort={{ item.value.listen_port | default(51820) }}
-
-{% for peer in item.value.peers %}
-
-[WireGuardPeer]
-PublicKey={{ peer.pub_key }}
-{% for ip in peer.allowed_ips %}
-AllowedIPs={{ ip }}
-{% endfor %}
-{% if 'endpoint' in peer %}
-Endpoint={{ peer.endpoint }}
-{% endif %}
-{% if 'keepalive_interval' in peer %}
-PersistentKeepalive={{ peer.keepalive_interval }}
-{% endif %}
-{% endfor %}
diff --git a/roles/wireguard/gateway/templates/systemd.network.j2 b/roles/wireguard/gateway/templates/systemd.network.j2
deleted file mode 100644
index 8d8af966..00000000
--- a/roles/wireguard/gateway/templates/systemd.network.j2
+++ /dev/null
@@ -1,7 +0,0 @@
-[Match]
-Name={{ item.key }}
-
-[Network]
-{% for addr in item.value.addresses %}
-Address={{ addr }}
-{% endfor %}
--
cgit v1.2.3