Compare commits


No commits in common. "1231d2bbaeb7d63f8779c91466b7fed961099ea1" and "8920ba56f32d2e75b4691693542340f867aea4b5" have entirely different histories.

12 changed files with 84 additions and 45 deletions

26
.gitlab-ci.yml Normal file

@ -0,0 +1,26 @@
stages:
- lint
- test
cache:
key: $CI_COMMIT_REF_SLUG
paths:
- .cache/pip
- node_modules/
lint:
stage: lint
image: node:lts
before_script:
- npm install
script:
- npx prettier '**/*.yml' --check
syntax-test:
stage: test
image: python:3.7
before_script:
- pip install ansible --quiet
- ansible-galaxy install --role-file requirements.yml --roles-path ./roles
script:
- ansible-playbook playbook.yml --syntax-check
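Review bot: The `lint` job's `before_script` runs `npm install` even though this change also adds a `package-lock.json` with integrity hashes; `npm install` can re-resolve `^2.6.2` and update the lockfile instead of failing, so CI is not guaranteed to run the locked prettier 2.6.2. Use `- npm ci` there so the job installs exactly what the lockfile records and fails when it disagrees with `package.json`. The `syntax-test` job has the same gap: `pip install ansible --quiet` takes whatever release is current, and the roles come from `requirements.yml`, whose pins are not visible here; pin the version, e.g. `- pip install 'ansible==<PINNED_VERSION>' --quiet`. The cache lists `.cache/pip`, but nothing visible sets `PIP_CACHE_DIR` to that path, so pip probably never writes there.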

5
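--- /dev/null
+++ b/.prettierrc.yml
@@ -0,0 +1,5 @@
+singleQuote: true
+printWidth: 90
+tabWidth: 2
+useTabs: false
+bracketSpacing: true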

33
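--- /dev/null
+++ b/package-lock.json
@@ -0,0 +1,33 @@
+{
+"name": "development",
+"lockfileVersion": 2,
+"requires": true,
+"packages": {
+"": {
+"dependencies": {
+"prettier": "^2.6.2"
+}
+},
+"node_modules/prettier": {
+"version": "2.6.2",
+"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz",
+"integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew==",
+"bin": {
+"prettier": "bin-prettier.js"
+},
+"engines": {
+"node": ">=10.13.0"
+},
+"funding": {
+"url": "https://github.com/prettier/prettier?sponsor=1"
+}
+}
+},
+"dependencies": {
+"prettier": {
+"version": "2.6.2",
+"resolved": "https://registry.npmjs.org/prettier/-/prettier-2.6.2.tgz",
+"integrity": "sha512-PkUpF+qoXTqhOeWL9fu7As8LXsIUZ1WYaJiY/a7McAQzxjk82OF0tibkFXVCDImZtWxbvojFjerkiLb0/q8mew=="
+}
+}
+}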

5
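--- /dev/null
+++ b/package.json
@@ -0,0 +1,5 @@
+{
+"dependencies": {
+"prettier": "^2.6.2"
+}
+}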


@ -4,7 +4,7 @@
Name={{ vpn_default.interface }} Name={{ vpn_default.interface }}
[Network] [Network]
Address={{ vpn_default.ip }}/{{ vpn_default.prefix }} Address={{ vpn_default.ip }}/{{ vpn_default.subnet }}
DNS={{ vpn_default.dns }} DNS={{ vpn_default.dns }}
Domains={{ vpn_default.domains | join(' ') }} Domains={{ vpn_default.domains | join(' ') }}


@ -4,7 +4,7 @@
Name={{ vpn_media.interface }} Name={{ vpn_media.interface }}
[Network] [Network]
Address={{ vpn_media.ip }}/{{ vpn_media.prefix }} Address={{ vpn_media.ip }}/{{ vpn_media.subnet }}
DNS={{ vpn_media.dns }} DNS={{ vpn_media.dns }}
Domains={{ vpn_media.domains | join(' ') }} Domains={{ vpn_media.domains | join(' ') }}


@ -12,9 +12,7 @@ PrivateKeyFile={{ vpn_default.private_key_path }}
[WireGuardPeer] [WireGuardPeer]
PublicKey={{ peer.public_key }} PublicKey={{ peer.public_key }}
PresharedKeyFile={{ peer.preshared_key_path }} PresharedKeyFile={{ peer.preshared_key_path }}
{% for ip in peer.allowed_ips %} AllowedIPs={{ peer.allowd_ips }}
AllowedIPs={{ ip.address }}
{% endfor %}
{% if peer.endpoint %} {% if peer.endpoint %}
Endpoint={{ peer.endpoint }} Endpoint={{ peer.endpoint }}
{% endif %} {% endif %}
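Review bot: The new line `AllowedIPs={{ peer.allowd_ips }}` reads a misspelled key; it renders today only because the laptop vars carry the same misspelling (`allowd_ips: '10.0.0.1/32'`), and a host that defines the correctly spelled `allowed_ips` would leave the value undefined. AllowedIPs is the setting WireGuard uses to decide which source addresses a peer is accepted for, so it deserves one correctly spelled name: `AllowedIPs={{ peer.allowed_ips }}` here and `allowed_ips: '10.0.0.1/32'` in the vars. The same line appears in the `vpn_media` template section, and the key in both peer entries of the laptop vars. The enclosing peer loop starts outside this hunk.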


@ -4,16 +4,6 @@
Name={{ vpn_default.interface }} Name={{ vpn_default.interface }}
[Network] [Network]
Address={{ vpn_default.ip }}/{{ vpn_default.prefix }} Address={{ vpn_default.ip }}/{{ vpn_default.subnet }}
DNS={{ vpn_default.dns }} DNS={{ vpn_default.dns }}
Domains={{ vpn_default.domains | join(' ') }} Domains={{ vpn_default.domains | join(' ') }}
{% for peer in vpn_default.peers %}
{% for ip in peer.allowed_ips %}
{% if ip.create_route %}
[Route]
Destination={{ ip.address }}
Scope=link
{% endif %}
{% endfor %}
{% endfor %}


@ -12,9 +12,7 @@ PrivateKeyFile={{ vpn_media.private_key_path }}
[WireGuardPeer] [WireGuardPeer]
PublicKey={{ peer.public_key }} PublicKey={{ peer.public_key }}
PresharedKeyFile={{ peer.preshared_key_path }} PresharedKeyFile={{ peer.preshared_key_path }}
{% for ip in peer.allowed_ips %} AllowedIPs={{ peer.allowd_ips }}
AllowedIPs={{ ip.address }}
{% endfor %}
{% if peer.endpoint %} {% if peer.endpoint %}
Endpoint={{ peer.endpoint }} Endpoint={{ peer.endpoint }}
{% endif %} {% endif %}


@ -4,16 +4,6 @@
Name={{ vpn_media.interface }} Name={{ vpn_media.interface }}
[Network] [Network]
Address={{ vpn_media.ip }}/{{ vpn_media.prefix }} Address={{ vpn_media.ip }}/{{ vpn_media.subnet }}
DNS={{ vpn_media.dns }} DNS={{ vpn_media.dns }}
Domains={{ vpn_media.domains | join(' ') }} Domains={{ vpn_media.domains | join(' ') }}
{% for peer in vpn_media.peers %}
{% for ip in peer.allowed_ips %}
{% if ip.create_route %}
[Route]
Destination={{ ip.address }}
Scope=link
{% endif %}
{% endfor %}
{% endfor %}


@ -21,7 +21,7 @@ boot_configuration:
# TODO: scope variables to their destination file # TODO: scope variables to their destination file
vpn_default: vpn_default:
ip: '10.0.0.3' ip: '10.0.0.3'
prefix: '24' subnet: '24'
interface: 'wg0' interface: 'wg0'
dns: '10.0.0.1' dns: '10.0.0.1'
domains: domains:
@ -30,6 +30,7 @@ vpn_default:
public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub' public_key_path: '{{ vpn_config_dir }}/keys/public/default/desktop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key' private_key_path: '{{ vpn_config_dir }}/keys/private/default/desktop.key'
private_key_source_path: 'files/desktop/wireguard/default/desktop.key'
peers: peers:
- name: 'zeus' - name: 'zeus'
@ -45,7 +46,7 @@ vpn_default:
vpn_media: vpn_media:
ip: '10.0.1.3' ip: '10.0.1.3'
prefix: '24' subnet: '24'
interface: 'wg1' interface: 'wg1'
dns: '10.0.1.1' dns: '10.0.1.1'
domains: domains:
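Review bot: The added `private_key_source_path: 'files/desktop/wireguard/default/desktop.key'` points at a WireGuard private key under the repository's `files/` tree, and nothing in this section shows whether that file is encrypted at rest. If it is committed in the clear, every reader of the repository holds this peer's identity key; keep the file encrypted with ansible-vault or out of the repository, and record that above the key, e.g. `# source file is ansible-vault encrypted; never commit the plain key`. Separately, renaming `prefix` to `subnet` makes the name less accurate, since `'24'` is a prefix length rather than a subnet.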


@ -24,23 +24,18 @@ mkinitcpio_templates:
vpn_default: vpn_default:
ip: '10.0.0.2' ip: '10.0.0.2'
prefix: '24' subnet: '24'
interface: 'wg0' interface: 'wg0'
dns: '10.0.0.1' dns: '10.0.0.1'
domains: domains:
- ~vpn.fudiggity.nl - ~vpn.fudiggity.nl
- ~transmission.fudiggity.nl
public_key_path: '{{ vpn_config_dir }}/keys/public/default/laptop.pub' public_key_path: '{{ vpn_config_dir }}/keys/public/default/laptop.pub'
private_key_path: '{{ vpn_config_dir }}/keys/private/default/laptop.key' private_key_path: '{{ vpn_config_dir }}/keys/private/default/laptop.key'
peers: peers:
- name: 'zeus' - name: 'zeus'
allowed_ips: allowd_ips: '10.0.0.1/32'
- address: '10.0.0.0/24'
create_route: false
- address: '172.16.238.0/24'
create_route: true
endpoint: 'fudiggity.nl:51902' endpoint: 'fudiggity.nl:51902'
public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo=' public_key: 'CeybSMpJiicXmndIuhe89Bay3z3PEdYNyAwIFsacBEo='
preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk' preshared_key_path: '{{ vpn_config_dir }}/keys/private/default/preshared-zeus.psk'
@ -48,7 +43,7 @@ vpn_default:
vpn_media: vpn_media:
ip: '10.0.1.2' ip: '10.0.1.2'
prefix: '24' subnet: '24'
interface: 'wg1' interface: 'wg1'
dns: '10.0.1.1' dns: '10.0.1.1'
domains: domains:
@ -59,9 +54,7 @@ vpn_media:
peers: peers:
- name: 'zeus-media' - name: 'zeus-media'
allowed_ips: allowd_ips: '10.0.1.1/32'
- address: '10.0.1.0/24'
create_route: false
endpoint: 'fudiggity.nl:51903' endpoint: 'fudiggity.nl:51903'
public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg=' public_key: 'EugKeo63C5N5kz9ShMHtYswO9Qh6mE00MtfLSFmqqjg='
preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk' preshared_key_path: '{{ vpn_config_dir }}/keys/private/media/preshared-zeus.psk'