From e728c5d17e9793f32fa56287c09af188831610f7 Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Mon, 1 Feb 2021 22:46:01 +0100
Subject: Wireguard.
---
 .../src/main/resources/io/trygvis/rules/wireguard/wireguard.drl | 5 ++++-
 .../src/main/resources/templates/wireguard/ansible-host.j2 | 7 ++++++-
 .../src/main/resources/templates/wireguard/ansible.j2 | 9 +++++----
 3 files changed, 15 insertions(+), 6 deletions(-)
(limited to 'module/ri-wireguard/src/main')
diff --git a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
index 425b6ca..1c7d251 100644
--- a/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
+++ b/module/ri-wireguard/src/main/resources/io/trygvis/rules/wireguard/wireguard.drl
@@ -15,6 +15,7 @@ dialect "mvel"
 declare WgNet
 name : String
 domain : String
+ port : int
 linkCidr : String
 networkCidr : String
 networkBits : int
@@ -30,6 +31,7 @@ declare WgHost
 machine : Machine
 net : WgNet
 publicName : String
+ publicPort : int
 ip : String // This host's IP
 networkCidr : String
 end
@@ -65,6 +67,7 @@ then
 wgHost.machine = $machine;
 wgHost.net = $wgNet;
 wgHost.publicName = $machine.fqdn;
+ wgHost.publicPort = $wgNet.port;
 insert(wgHost)
 end
@@ -167,7 +170,7 @@ rule "Generate per-net, per-host files"
 when
 $net : WgNet()
 $host : WgHost(net == $net)
- $peers : ArrayList() from accumulate(WgConnection(host == $host, $to: to), collectList($to.machine))
+ $peers : ArrayList() from accumulate(WgConnection(host == $host, $to: to), collectList($to))
 then
 System.out.printf("Generating per-host files: net=%s, host=%s%n", $net.name, $host.machine.name);
diff --git a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2 b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
index cbf707e..6cb3a05 100644
--- a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
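Review bot: `wgHost.publicPort = $wgNet.port;` in the `@@ -65,6 +67,7 @@` hunk of wireguard.drl copies the port without checking that it was ever set. `port : int` on `WgNet` is a primitive, so a net fact declared without a port carries 0, and the templates would then write `wireguard_port: 0` and `public_port: 0` into the generated host variables, an endpoint no peer can be configured against. A constraint on the net pattern such as `WgNet(port > 0, port <= 65535)`, or a separate rule that reports nets failing it, would stop the generator before it emits such files. The rule's `when` part lies outside the hunk, so the exact pattern to extend has to be checked there.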
+++ b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible-host.j2
@@ -1,7 +1,12 @@
 # Generated
+wireguard_port: {{ host.publicPort }}
 link_address: {{ host.ip }}
 network_cidr: {{ host.networkCidr }}
 wireguard_peers:
 {%- for peer in peers %}
- - {{ peer.fqdn }}
+ {{ peer.machine.name }}:
+ public_address: {{ peer.publicName }}
+ public_port: {{ peer.publicPort }}
+ gateway: {{ peer.ip }}
+ network: {{ peer.networkCidr }}
 {%- endfor %}
diff --git a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2 b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
index bca3e8c..ad4d034 100644
--- a/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
+++ b/module/ri-wireguard/src/main/resources/templates/wireguard/ansible.j2
@@ -1,6 +1,7 @@
 - hosts: wireguard_{{ net.name }}
- roles:
+ vars:
+ wireguard_if: {{ net.name }}
+ tasks:
 - name: wireguard
- wireguard_if: {{ net.name }}
- wireguard_listen_port: 45364
- wireguard_address4: "{{ '{{' }} link_address }}"
+ import_role:
+ name: wireguard
-- 
cgit v1.2.3
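Review bot: The peer fields added inside the `wireguard_peers` loop of ansible-host.j2 are written into the YAML unquoted, so a machine name or public name containing `:`, `#` or a leading `-` changes the structure of the generated host variables instead of failing. Quoting the key and the string values, e.g. `"{{ peer.machine.name }}":` and `public_address: "{{ peer.publicName }}"`, keeps whatever the inventory holds as a plain scalar. Two peers that share a `machine.name` would also collapse into one mapping key, with the later entry replacing the earlier one, which the previous list form could not do. If the consuming role turns `network` into the addresses a peer is allowed to route (not visible in this commit), a template comment saying where `networkCidr` is validated would help the next reader.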
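Review bot: The ansible.j2 playbook no longer passes `wireguard_listen_port` or `wireguard_address4` to the role, and nothing in this commit shows the role reading the new host variables `wireguard_port` and `link_address` instead. If the role still uses the old names it will either fall back to its own default port or stop on an undefined variable, so the rename needs a matching change in the role or a mapping under `vars:`, e.g. `wireguard_listen_port: "{{ '{{' }} wireguard_port }}"`. Separately, `wireguard_if: {{ net.name }}` is emitted unquoted, and writing it as `wireguard_if: "{{ net.name }}"` keeps a net name from being read as a non-string YAML value.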