author | Romain Gonçalves <me@rgoncalves.se> | 2024-06-30 14:56:04 +0200 |
---|---|---|
committer | Romain Gonçalves <me@rgoncalves.se> | 2024-06-30 17:00:40 +0200 |
commit | e8d1a59785712a5183849b5b12b35f9347607a09 (patch) | |
tree | 79f27aad6bbf0eb223eb0358b2655c8a1411255b /roles/wireguard/templates | |
parent | 5fb273af8ea757e5627c4b09582705e42aa1d8e6 (diff) | |
download | rules-e8d1a59785712a5183849b5b12b35f9347607a09.tar.gz |
refactor(roles/wireguard): bump wireguard generation
Diffstat (limited to 'roles/wireguard/templates')
-rw-r--r-- | roles/wireguard/templates/wireguard.conf.j2 | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/roles/wireguard/templates/wireguard.conf.j2 b/roles/wireguard/templates/wireguard.conf.j2
index 91ebf1d..ef60186 100644
--- a/roles/wireguard/templates/wireguard.conf.j2
+++ b/roles/wireguard/templates/wireguard.conf.j2
@@ -1,7 +1,7 @@
 # managed by Ansible
-{% set keys = lookup("file", wireguard_local_dir ~ "/" ~ host.inventory_hostname ~ ".keys").splitlines() %}
-{% set domain_controller_keys = lookup("file", wireguard_local_dir ~ "/" ~ wireguard_domain_controller ~ ".keys").splitlines() %}
-{% set is_domain_controller = host.inventory_hostname == wireguard_domain_controller %}
+{% set keys = lookup("file", wireguard__local_dir ~ "/" ~ host.inventory_hostname ~ ".keys").splitlines() %}
+{% set domain_controller_keys = lookup("file", wireguard__local_dir ~ "/" ~ wireguard__domain_controller ~ ".keys").splitlines() %}
+{% set is_domain_controller = host.inventory_hostname == wireguard__domain_controller %}
 {% set ipv4_address = host.__ip.internal ~ "/24" if is_domain_controller else host.__ip.internal %}
 {% set ipv6_address = "fd00::1/128" if is_domain_controller else "fd00:10:10::" ~ host.__ip.internal.split(".")[3] %}
@@ -9,15 +9,15 @@
 Address = {{ ipv4_address }}, {{ ipv6_address }}
 PrivateKey = {{ keys[0] }}
 {% if is_domain_controller %}
-ListenPort = {{ wireguard_port }}
+ListenPort = {{ wireguard__port }}
 {% endif %}
 {% if is_domain_controller %}
 {% for guest in groups.all %}
 {% set guest = hostvars[guest] %}
-{% if guest.inventory_hostname not in [wireguard_domain_controller, "localhost"] and guest.__ip.internal %}
+{% if guest.inventory_hostname not in [wireguard__domain_controller, "localhost"] and guest.__ip.internal %}
 {# #}
-{% set guest_keys = lookup("file", wireguard_local_dir ~ "/" ~ guest.inventory_hostname ~ ".keys").splitlines() %}
+{% set guest_keys = lookup("file", wireguard__local_dir ~ "/" ~ guest.inventory_hostname ~ ".keys").splitlines() %}
 # {{ guest.inventory_hostname }}
 [Peer]
 PublicKey = {{ guest_keys[1] }}
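Review bot: The three `lookup("file", … ~ ".keys")` lines touched in these two hunks still load each host's whole key file and select entries by position (`keys[0]` as `PrivateKey`, `guest_keys[1]` as `PublicKey`), and nothing in the template states or checks that layout. In the domain-controller branch every guest's private key is read only to use the public one, so a key file written in the other order would place a private key in a `PublicKey` field of the controller's config. I would document the contract at the top of the template, e.g. `{# <host>.keys: line 1 = private key, line 2 = public key; the rendered file contains PrivateKey #}`. The task that renders this file is not visible in this diffstat, so its file mode and `no_log`/diff settings should be confirmed there.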
@@ -28,7 +28,7 @@ AllowedIPs = {{ guest.__ip.internal }}/32, fd00:10:10::{{ guest.__ip.internal.sp
 {% else %}
 [Peer]
 PublicKey = {{ domain_controller_keys[1] }}
-Endpoint = {{ hostvars[wireguard_domain_controller].__ip.external }}:{{ wireguard_port }}
+Endpoint = {{ hostvars[wireguard__domain_controller].__ip.external }}:{{ wireguard__port }}
 AllowedIPs = 0.0.0.0/0, ::/0
-PersistentKeepalive = {{ wireguard_persistent_keepalive }}
+PersistentKeepalive = {{ wireguard__persistent_keepalive }}
 {% endif %} |