Add wireguard configuration

2021-12-28 11:27:12 +01:00 · 2021-12-28 11:27:12 +01:00 · a043bae576
commit a043bae576
parent ce46689f57
16 changed files with 155 additions and 13 deletions
--- a/templates/network/br0.netdev.j2
+++ b/templates/network/br0.netdev.j2
@ -0,0 +1,6 @@
+# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+
+[NetDev]
+Name={{ bridge_interface }}
+Kind=bridge
+MACAddress={{ bridge_mac }}
--- a/templates/network/br0.network.j2
+++ b/templates/network/br0.network.j2
@ -0,0 +1,7 @@
+# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+
+[Match]
+Name={{ bridge_source_interface }}
+
+[Network]
+Bridge={{ bridge_interface }}
--- a/templates/network/enp5s0.network.j2
+++ b/templates/network/enp5s0.network.j2
@ -0,0 +1,10 @@
+# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+
+[Match]
+Name={{ bridge_interface }}
+
+[Network]
+DHCP=ipv4
+Address={{ lan_ip_address }}/24
+Gateway={{ lan_ip_address[:-3] }}1
+DNS={{ lan_ip_address[:-3] }}1
--- a/templates/network/wg0.netdev.j2
+++ b/templates/network/wg0.netdev.j2
@ -0,0 +1,17 @@
+# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+
+[NetDev]
+Name={{ vpn_interface }}
+Kind=wireguard
+Description=WireGuard tunnel wg0
+
+[WireGuard]
+ListenPort={{ vpn_port }}
+PrivateKeyFile={{ vpn_server_key_path }}
+
+{% for peer in vpn_peers %}
+[WireGuardPeer]
+PublicKey={{ peer.public_key }}
+PresharedKeyFile={{ vpn_preshared_path }}
+AllowedIPs={{ peer.ip }}/32
+{% endfor %}
--- a/templates/network/wg0.network.j2
+++ b/templates/network/wg0.network.j2
@ -0,0 +1,7 @@
+# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
+
+[Match]
+Name={{ vpn_interface }}
+
+[Network]
+Address={{ vpn_listen_address }}/24