From e72f7533ebd47454a153e111bef9b5e97711b6b0 Mon Sep 17 00:00:00 2001 From: Sonny Bakker Date: Sun, 9 Mar 2025 21:00:54 +0100 Subject: [PATCH 1/2] Remove unused files --- .gitlab-ci.yml | 26 -------------------------- .prettierrc.yml | 5 ----- package-lock.json | 33 --------------------------------- package.json | 5 ----- 4 files changed, 69 deletions(-) delete mode 100644 .gitlab-ci.yml delete mode 100644 .prettierrc.yml delete mode 100644 package-lock.json delete mode 100644 package.json diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index 2a8b491..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,26 +0,0 @@ -stages: - - lint - - test - -cache: - key: $CI_COMMIT_REF_SLUG - paths: - - .cache/pip - - node_modules/ - -lint: - stage: lint - image: node:lts - before_script: - - npm install - script: - - npx prettier '**/*.yml' --check - -syntax-test: - stage: test - image: python:3.7 - before_script: - - pip install ansible --quiet - - ansible-galaxy install --role-file requirements.yml --roles-path ./roles - script: - - ansible-playbook playbook.yml --syntax-check diff --git a/.prettierrc.yml b/.prettierrc.yml deleted file mode 100644 index 0cb31e6..0000000 --- a/.prettierrc.yml +++ /dev/null @@ -1,5 +0,0 @@ -singleQuote: true -printWidth: 90 -tabWidth: 2 -useTabs: false -bracketSpacing: true diff --git a/package-lock.json b/package-lock.json deleted file mode 100644 index 0db7ba2..0000000 --- a/package-lock.json +++ /dev/null 
@@ -1,33 +0,0 @@ -{ - "name": "development", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "dependencies": { - "prettier": "^2.6.2" - } - }, - "node_modules/prettier": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz", - "integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew==", - "bin": { - "prettier": "bin-prettier.js" - }, - "engines": { - "node": ">=10.13.0" - }, - "funding": { - "url": "https://github.com/prettier/prettier?sponsor=1" - } - } - }, - "dependencies": { - "prettier": { - "version": "2.6.2", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz", - "integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew==" - } - } -} diff --git a/package.json b/package.json deleted file mode 100644 index e1f5891..0000000 --- a/package.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "dependencies": { - "prettier": "^2.6.2" - } -} From 1231d2bbaeb7d63f8779c91466b7fed961099ea1 Mon Sep 17 00:00:00 2001 From: Sonny Bakker Date: Sun, 9 Mar 2025 21:15:27 +0100 Subject: [PATCH 2/2] Apply changes from 8920ba56f32d2e75b4691693542340f867aea4b5 to laptop configuration --- templates/desktop/network/wg0.network.j2 | 2 +- templates/desktop/network/wg1.network.j2 | 6 +++--- templates/laptop/network/wg0.netdev.j2 | 4 +++- templates/laptop/network/wg0.network.j2 | 12 +++++++++++- templates/laptop/network/wg1.netdev.j2 | 4 +++- templates/laptop/network/wg1.network.j2 | 12 +++++++++++- vars/desktop.yml | 5 ++--- vars/laptop.yml | 15 +++++++++++---- 8 files changed, 45 insertions(+), 15 deletions(-) diff --git a/templates/desktop/network/wg0.network.j2 b/templates/desktop/network/wg0.network.j2 index 1787da4..515a71a 100644 --- a/templates/desktop/network/wg0.network.j2 +++ b/templates/desktop/network/wg0.network.j2 
@@ -4,7 +4,7 @@ Name={{ vpn_default.interface }} [Network] -Address={{ vpn_default.ip }}/{{ vpn_default.subnet }} +Address={{ vpn_default.ip }}/{{ vpn_default.prefix }} DNS={{ vpn_default.dns }} Domains={{ vpn_default.domains | join(' ') }} diff --git a/templates/desktop/network/wg1.network.j2 b/templates/desktop/network/wg1.network.j2 index 8e462cc..40d3650 100644 --- a/templates/desktop/network/wg1.network.j2 +++ b/templates/desktop/network/wg1.network.j2 @@ -4,7 +4,7 @@ Name={{ vpn_media.interface }} [Network] -Address={{ vpn_media.ip }}/{{ vpn_media.subnet }} +Address={{ vpn_media.ip }}/{{ vpn_media.prefix }} DNS={{ vpn_media.dns }} Domains={{ vpn_media.domains | join(' ') }} @@ -12,8 +12,8 @@ Domains={{ vpn_media.domains | join(' ') }} {% for ip in peer.allowed_ips %} {% if ip.create_route %} [Route] -Destination = {{ ip.address }} -Scope = link +Destination={{ ip.address }} +Scope=link {% endif %} {% endfor %} {% endfor %} diff --git a/templates/laptop/network/wg0.netdev.j2 b/templates/laptop/network/wg0.netdev.j2 index 6f1c0dd..ffceef7 100644 --- a/templates/laptop/network/wg0.netdev.j2 +++ b/templates/laptop/network/wg0.netdev.j2 @@ -12,7 +12,9 @@ PrivateKeyFile={{ vpn_default.private_key_path }} [WireGuardPeer] PublicKey={{ peer.public_key }} PresharedKeyFile={{ peer.preshared_key_path }} -AllowedIPs={{ peer.allowd_ips }} +{% for ip in peer.allowed_ips %} +AllowedIPs={{ ip.address }} +{% endfor %} {% if peer.endpoint %} Endpoint={{ peer.endpoint }} {% endif %} diff --git a/templates/laptop/network/wg0.network.j2 b/templates/laptop/network/wg0.network.j2 index 9253528..515a71a 100644 --- a/templates/laptop/network/wg0.network.j2 +++ b/templates/laptop/network/wg0.network.j2 
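Review bot: The new `{% for ip in peer.allowed_ips %}` loop in templates/laptop/network/wg0.netdev.j2 writes every entry as an `AllowedIPs=` line whether or not `create_route` is set, and the template does not say what shape `allowed_ips` must have. AllowedIPs is the set of source addresses WireGuard accepts from the peer, so the vars file is the only thing bounding it. A Jinja comment above the loop would record that, for example `{# allowed_ips: list of {address: <CIDR>, create_route: <bool>}; every address is accepted from this peer #}`. The same applies to the identical loop added to templates/laptop/network/wg1.netdev.j2. The loop that defines `peer` is not visible in the hunk.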
@@ -4,6 +4,16 @@ Name={{ vpn_default.interface }} [Network] -Address={{ vpn_default.ip }}/{{ vpn_default.subnet }} +Address={{ vpn_default.ip }}/{{ vpn_default.prefix }} DNS={{ vpn_default.dns }} Domains={{ vpn_default.domains | join(' ') }} + +{% for peer in vpn_default.peers %} +{% for ip in peer.allowed_ips %} +{% if ip.create_route %} +[Route] +Destination={{ ip.address }} +Scope=link +{% endif %} +{% endfor %} +{% endfor %} diff --git a/templates/laptop/network/wg1.netdev.j2 b/templates/laptop/network/wg1.netdev.j2 index 104804f..13d86df 100644 --- a/templates/laptop/network/wg1.netdev.j2 +++ b/templates/laptop/network/wg1.netdev.j2 @@ -12,7 +12,9 @@ PrivateKeyFile={{ vpn_media.private_key_path }} [WireGuardPeer] PublicKey={{ peer.public_key }} PresharedKeyFile={{ peer.preshared_key_path }} -AllowedIPs={{ peer.allowd_ips }} +{% for ip in peer.allowed_ips %} +AllowedIPs={{ ip.address }} +{% endfor %} {% if peer.endpoint %} Endpoint={{ peer.endpoint }} {% endif %} diff --git a/templates/laptop/network/wg1.network.j2 b/templates/laptop/network/wg1.network.j2 index 9a03d7b..40d3650 100644 --- a/templates/laptop/network/wg1.network.j2 +++ b/templates/laptop/network/wg1.network.j2 @@ -4,6 +4,16 @@ Name={{ vpn_media.interface }} [Network] -Address={{ vpn_media.ip }}/{{ vpn_media.subnet }} +Address={{ vpn_media.ip }}/{{ vpn_media.prefix }} DNS={{ vpn_media.dns }} Domains={{ vpn_media.domains | join(' ') }} + +{% for peer in vpn_media.peers %} +{% for ip in peer.allowed_ips %} +{% if ip.create_route %} +[Route] +Destination={{ ip.address }} +Scope=link +{% endif %} +{% endfor %} +{% endfor %} diff --git a/vars/desktop.yml b/vars/desktop.yml index e4cca6c..6a22f27 100644 --- a/vars/desktop.yml +++ b/vars/desktop.yml @@ -21,7 +21,7 @@ boot_configuration: # TODO: scope variables to their destination file vpn_default: ip: '10.0.0.3' - subnet: '24' + prefix: '24' interface: 'wg0' dns: '10.0.0.1' domains: 
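Review bot: The route guard `{% if ip.create_route %}` added to templates/laptop/network/wg0.network.j2 tests plain truthiness, so a quoted value such as `create_route: 'false'` would be a non-empty string and still emit the `[Route]` block. The vars files quote almost every scalar (`prefix: '24'`), which makes that slip plausible. Coercing the value closes the gap: `{% if ip.create_route | default(false) | bool %}`. The same guard is added to templates/laptop/network/wg1.network.j2. Separately, both laptop files now carry the same blob ids as their desktop counterparts (515a71a and 40d3650), so one shared template per interface would stop the two copies drifting apart again. The `[Match]` section sits above the hunk.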
@@ -30,7 +30,6 @@ vpn_default: public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub' private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key' - private_key_source_path: 'files/desktop/wireguard/default/desktop.key' peers: - name: 'zeus' @@ -46,7 +45,7 @@ vpn_default: vpn_media: ip: '10.0.1.3' - subnet: '24' + prefix: '24' interface: 'wg1' dns: '10.0.1.1' domains: diff --git a/vars/laptop.yml b/vars/laptop.yml index cba4fa9..cc46761 100644 --- a/vars/laptop.yml +++ b/vars/laptop.yml @@ -24,18 +24,23 @@ mkinitcpio_templates: vpn_default: ip: '10.0.0.2' - subnet: '24' + prefix: '24' interface: 'wg0' dns: '10.0.0.1' domains: - ~vpn.fudiggity.nl + - ~transmission.fudiggity.nl public_key_path: '{{ vpn_config_dir }}/keys/public/default/laptop.pub' private_key_path: '{{ vpn_config_dir }}/keys/private/default/laptop.key' peers: - name: 'zeus' - allowd_ips: '10.0.0.1/32' + allowed_ips: + - address: '10.0.0.0/24' + create_route: false + - address: '172.16.238.0/24' + create_route: true endpoint: 'fudiggity.nl:51902' public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk' @@ -43,7 +48,7 @@ vpn_default: vpn_media: ip: '10.0.1.2' - subnet: '24' + prefix: '24' interface: 'wg1' dns: '10.0.1.1' domains: @@ -54,7 +59,9 @@ vpn_media: peers: - name: 'zeus-media' - allowd_ips: '10.0.1.1/32' + allowed_ips: + - address: '10.0.1.0/24' + create_route: false endpoint: 'fudiggity.nl:51903' public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=' preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk'
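Review bot: In vars/laptop.yml the `zeus` peer's allowed addresses widen from the single host `10.0.0.1/32` to `10.0.0.0/24` plus `172.16.238.0/24`, and nothing in the file records why. Because the netdev template turns each `address` into an `AllowedIPs=` line, the laptop will accept tunnel traffic sourced from any address in both ranges and will route `172.16.238.0/24` over wg0. If only a few hosts behind the peer are needed, narrower entries keep that exposure down. Otherwise a comment above the entry would do, for example `# 172.16.238.0/24: <what lives behind zeus here>, routed via wg0`. The last hunk makes the same `/32` to `/24` change for `zeus-media` (`10.0.1.0/24`).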