author | Trygve Laugstøl <trygvis@inamo.no> | 2021-02-01 22:46:01 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2021-02-01 22:46:01 +0100 |
commit | e728c5d17e9793f32fa56287c09af188831610f7 (patch) | |
tree | 10a1fda8134b2eb5cdfe3d93edd68a9294e62423 /module/ri-wireguard/src/main/resources | |
parent | 2957c76e4027f47959f79354b07cdaa4b04da8c6 (diff) | |
Wireguard.
Diffstat (limited to 'module/ri-wireguard/src/main/resources')
3 files changed, 15 insertions, 6 deletions
diff --git a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
index 425b6ca..1c7d251 100644
--- a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
+++ b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
@@ -15,6 +15,7 @@ dialect "mvel"
 declare WgNet
 name : String
 domain : String
+ port : int
 linkCidr : String
 networkCidr : String
 networkBits : int
@@ -30,6 +31,7 @@ declare WgHost
 machine : Machine
 net : WgNet
 publicName : String
+ publicPort : int
 ip : String // This host's IP
 networkCidr : String
 end
@@ -65,6 +67,7 @@ then
 wgHost.machine = $machine;
 wgHost.net = $wgNet;
 wgHost.publicName = $machine.fqdn;
+ wgHost.publicPort = $wgNet.port;
 insert(wgHost)
 end
@@ -167,7 +170,7 @@ rule "Generate per-net, per-host files"
 when
 $net : WgNet()
 $host : WgHost(net == $net)
- $peers : ArrayList() from accumulate(WgConnection(host == $host, $to: to), collectList($to.machine))
+ $peers : ArrayList() from accumulate(WgConnection(host == $host, $to: to), collectList($to))
 then
 System.out.printf("Generating per-host files: net=%s, host=%s%n", $net.name, $host.machine.name);
diff --git a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2 b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
index cbf707e..6cb3a05 100644
--- a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
+++ b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
@@ -1,7 +1,12 @@
 # Generated
+wireguard_port: {{ host.publicPort }}
 link_address: {{ host.ip }}
 network_cidr: {{ host.networkCidr }}
 wireguard_peers:
 {%- for peer in peers %}
- - {{ peer.fqdn }}
+ {{ peer.machine.name }}:
+ public_address: {{ peer.publicName }}
+ public_port: {{ peer.publicPort }}
+ gateway: {{ peer.ip }}
+ network: {{ peer.networkCidr }}
 {%- endfor %}
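Review bot: `port` on WgNet and `publicPort` on WgHost are primitive `int` fields, so a WgNet fact that never sets a port would presumably carry 0 through `wgHost.publicPort = $wgNet.port;` into the generated `wireguard_port` and `public_port` values. Nothing in the three hunks that add the field (the two declarations and the assignment) checks that the value is a usable port in 1–65535. Constraining the pattern that binds the net, e.g. `$wgNet : WgNet(port > 0, port <= 65535)`, or failing generation with a clear message, would keep a missing port from silently reaching the WireGuard configuration. The rule's `when` section starts outside the hunk, so the exact binding is not visible here.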
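Review bot: The new peer entries write `{{ peer.machine.name }}` as a mapping key and `{{ peer.publicName }}`, `{{ peer.ip }}` and `{{ peer.networkCidr }}` as bare YAML scalars, so a name or address containing `:`, `#` or a leading special character would change how the generated host vars parse. Quoting the values, e.g. `public_address: "{{ peer.publicName }}"` and `"{{ peer.machine.name }}":`, keeps the output stable. Because `wireguard_peers` is now a mapping keyed by machine name, two peers with the same name would silently collapse into one entry when the file is loaded; whether names are unique is not visible from this hunk.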
diff --git a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2 b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
index bca3e8c..ad4d034 100644
--- a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
+++ b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
@@ -1,6 +1,7 @@
 - hosts: wireguard_{{ net.name }}
- roles:
+ vars:
+ wireguard_if: {{ net.name }}
+ tasks:
 - name: wireguard
- wireguard_if: {{ net.name }}
- wireguard_listen_port: 45364
- wireguard_address4: "{{ '{{' }} link_address }}"
+ import_role:
+ name: wireguard |
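Review bot: With `wireguard_listen_port` and `wireguard_address4` dropped from the play, the role only gets its port and address if it reads `wireguard_port` and `link_address` from the generated per-host vars, and nothing in this template checks that those are present. The role itself is not visible here, so that is an assumption to confirm; if it still reads the old names it would presumably fall back to its own defaults, and peers could be given a different port than the host listens on. A first task using `assert` with `wireguard_port is defined` and `link_address is defined` would make a missing or stale host-vars file fail the play early. `wireguard_if: {{ net.name }}` is also emitted unquoted, so writing it as `wireguard_if: "{{ net.name }}"` keeps an unusual net name from changing the YAML.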